Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other US military contractors, a source with direct knowledge of the attacks said.
They breached security systems designed to keep out intruders by creating duplicates to “SecurID” electronic keys from EMC Corp’s RSA security division, said the person who was not authorized to publicly discuss the matter.
It was not immediately clear what kind of data, if any, was stolen by the hackers. However, the networks of Lockheed and other military contractors contain sensitive data on future weapons systems, as well as military technology currently used in Iraq and Afghanistan.
Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony Corp, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network that hackers will be unable to penetrate.
The Pentagon, which has about 85,000 military personnel and civilians working on cybersecurity issues worldwide, said it also uses a limited number of RSA electronic security keys, but declined to say how many for security reasons.
The hackers learned how to copy the security keys with data stolen from RSA during a sophisticated attack that EMC disclosed in March, according to the source.
EMC declined to comment on the matter, as did executives at major defense contractors.
Rick Moy, president of NSS Labs, an information security company, said the original attack on RSA was likely targeted at its customers, including military, financial, US governmental and other organizations with critical intellectual property.
He said the initial RSA attack was followed by malware and phishing campaigns seeking specific data that would link tokens to endusers, which meant the current attacks may have been carried out by the same hackers.
“Given the military targets and that millions of compromised keys are in circulation, this is not over,” he said.
Defense contractors’ networks contain sensitive data on sophisticated weapons systems, but all classified information is kept on separate, closed networks managed by the US government, said a former senior defense official, who was not authorized to speak on the record.
SecurIDs are widely used electronic keys to computer systems that work using a two-pronged approach to confirming the identity of the person trying to access a computer system. They are designed to thwart hackers who might use key-logging viruses to capture passwords by constantly generating new passwords to enter the system.
The SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret personal identification number before they can access the network. If the user fails to enter the string before it expires, then access is denied.
‘A DISASTER’: A successful Chinese attack on Taiwan would undermine the credibility of US security guarantees and could result in a global depression, three experts wrote A Chinese takeover of Taiwan would be a geopolitical catastrophe for the US and its allies, one that would overshadow almost all others over the next decade, US policy experts said. Andrew Erickson, a professor of strategy in the US Naval War College’s China Maritime Studies Institute; Gabriel Collins, a fellow at Rice University’s Baker Institute for Public Policy; and former US deputy national security adviser Matthew Pottinger issued the warning in an article published on Friday in Foreign Affairs. Bejing’s invasion or annexation of Taiwan “would be a disaster of utmost importance to the United States, and I am convinced that
Taiwanese businesspeople’s investments in China last year hit a record low of 11.4 percent of total foreign investment, the Mainland Affairs Council said yesterday. The number was a huge decline from 83.8 percent in 2010, mainly because Taiwanese businesspeople have been diversifying their investments globally over the past few years, with great success, the council said. From 1991 to last year, 45,523 Taiwanese investments in China totaling US$206.37 billion had been approved, accounting for 50.7 percent of overall foreign investment, data from the Ministry of Economic Affairs’ Investment Commission showed. The amount and proportion of Taiwanese investments in China has been declining, with
Taiwanese tourists on board a Kinmen cruise ship had a scare yesterday when it was intercepted by Chinese coast guards who forcefully boarded the vessel to inspect it. The Sunrise, a tourism ferry that operates between Kinmen and Xiamen, China, was sailing around the waters around the islets of Dadan (大膽) and Erdan (二膽) — both of which are part of Kinmen County — yesterday afternoon when it encountered personnel from China’s Fujian Coast Guard Bureau. China Coast Guard personnel forced their way on board and conducted an inspection for about 30 minutes before leaving, local media cited the tourists as saying. The
SEEKING CALM: The US called for maintaining the ‘status quo,’ while the Ministry of National Defense said it would not bolster defenses in the area to avoid raising tensions Taiwanese should have greater faith in the government’s investigation into the capsizing of a Chinese vessel that resulted in the death of two Chinese fishers last week, the Coast Guard Administration (CGA) said yesterday, adding that Taiwan abides by the rule of law. On Wednesday last week, a Chinese speedboat was spotted trespassing in “prohibited” waters within 1.1 nautical miles (2km) of the east coast of Kinmen. It fled after refusing the coast guard’s request to board the vessel, setting off a chase that led to the boat capsizing, with two Chinese fishers dying. Two survivors were deported back to China