Lockheed Martin Network Disrupted, RSA Tokens Reportedly Involved
The computer network at the largest U.S. defense contractor is suffering what’s being described as a “major disruption” today, according to a report from Reuters, and the word is that somehow, RSA SecurID tokens–those little keychain dongles that generate seemingly random strings of numbers every 60 seconds–are involved.
Remember, if you will, that RSA disclosed it was under what it described as an “extremely sophisticated attack” in March. Later in April, the EMC-owned security outfit disclosed some of the anatomy of the attack, though it didn’t say much about what information was taken.
A few days ago, Robert Cringely reported that a major U.S. defense contractor had a very bad weekend, as a network issue took down remote access, meaning that anyone who routinely worked remotely had to go instead into the nearest office. The way he tells it, the incident was followed by word that all employees using the tokens would be issued new ones and would be required to change their passwords. The tokens are used to provide two-factor authentication to the corporate network from outside the firewall that’s meant to keep outsiders out.
Obviously, word of a network disruption like this is disturbing on many levels, not the least of which is the fact that Lockheed Martin works on some of the country’s most important and most sensitive defense projects, like the F-22 and F-35 jet fighters.
EMC isn’t commenting on the incident. But Reuters is quoting Steve Winterfeld of TASC, a company spun off from Northrop Grumman, as saying RSA hasn’t provided enough details on how its network was breached, and that this has led him to consider the RSA devices as no longer secure. People are, he says, “freaked out.”
He’s likely not alone. As of 2009, there were more than 40 million people either using RSA tokens or RSA number-generating software on their smart phones.