Network Invasion at Lockheed Martin Leads to Remote Access Suspension
WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
Lockheed Martin has been battling a "major disruption" to its computer systems after its IT security team detected a network intrusion earlier this week, Reuters reported.
The disruption began May 22 when the company detected an intrusion to the network, according to the May 26 Reuters story, which cited technology blogger Robert Cringley. Cringley claimed the breach involved RSA SecurID tokens that Lockheed employees use to access the internal network remotely.
Lockheed has notified the Pentagon about the problem, and it is working closely with the company's IT team to gather information about the situation. However, the company has not confirmed that the issues with its network are related to a security breach. Lockheed does not discuss specific threats or responses as a matter of principle, a company spokesperson told Reuters.
The company has reset all passwords for its employees and suspended remote access to email and other corporate applications, according to The Register. Unnamed sources told Reuters that employees can still use their mobile devices to check company email.
Cringley said the incident may be tied to or at least use the information stolen from RSA Security back in February. All remote access to the Lockheed's internal network using the company's virtual private network (VPN) software was disabled on May 22. Employees who regularly telecommute were asked to come into nearby offices to work, according to Cringley.
Employees were told on May 25 they will be getting new RSA SecurID tokens "over the next several weeks," Cringley said. Cringley estimated that 100,000 personnel will have to be issued new tokens before remote access is restored, a process that will take at least a week.
"You have no idea how many people are freaked out right now," Steve Winterfeld, cyber technical lead at TASC, an advanced systems company spun off from Northrop Grumman, told Reuters. TASC and other companies are no longer treating the RSA SecurID token as completely secure, according to Winterfeld.
Replacing those SecurID tokens can potentially cost an estimated $1.30 per token, Avivah Litan, a distinguished analyst at Gartner, told eWEEK. The costs include direct costs of the token as well as indirect costs such as overhead, support and shipping.
For more, read the eWEEK article: Lockheed Martin Shuts Down Remote Network Access After Detecting Intrusion.