Lockheed Martin confirmed on Saturday that it’s been the target of a ‘significant and tenacious’ hacking attack.
The company – the US’ biggest military contractor – says it fought the attack off successfully.
“The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data,” it says in a statement.
“As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised.”
The company blocked all remote access to the internal network, and is requiring all its 100,000 users to change their passwords. It’s also replacing all RSA SecureID tokens – interesting, as it indicates that the attack may be linked to the security breach suffered by RSA itself in March.
At the time, RSA gave little information about exactly what data had been stolen, but there were fears that it included the seed codes for clients that would allow attackers to generate the time-based code allowing access to client systems.
“Is it possible that whatever information was stolen from RSA helped the hackers break into Lockheed Martin? If that’s the case, that’s worrying news for businesses around the world,” says Graham Cluley of security firm Sophos.
“An unnamed source with direct knowledge of the attacks is said to have confirmed to Reuters that other military contractors have also been compromised.”
It’s not known who’s behind the Lockheed Martin attack. Some observers are suggesting that it could be a foreign government – China or Russia perhaps.