
How much can RSA's SecurID tokens be blamed for the Lockheed Martin hack?


Both Lockheed Martin and RSA have been blamed for the hack on the defence contractor's network last week.

Writing on the Digital Dao blog, founder and CEO of Taia Global Jeffrey Carr claimed that the extent of the RSA SecurID breach was worse than EMC reported.

Analysing the language used by Lockheed Martin in its statement, Carr pointed to the use of the word ‘tenacious’, saying that this means ‘not easily dispelled’ and ‘persisting in existence’.

He said: “An attack cannot be ‘swiftly’ dealt with and ‘persistent’ at the same time. Further, ‘almost immediately’ doesn't reconcile with the timeline provided by the above publicly available data, which implies that the attackers had up to 24 hrs of access to Lockheed's network before VPN access was shut off.

“Finally, while Lockheed claimed that no customer, program or employee data had been compromised, it was significant enough for President Obama to receive a personal briefing on it, and for Department of Homeland Security and Department of Defence (and presumably NSA) to offer their assistance on Lockheed's investigation.”

Carr also said that Lockheed Martin had slightly over two months from the time that EMC notified it and other RSA SecurID customers about the breach. At that time, at least one prime defence contractor (not Lockheed Martin) decided to stop using RSA SecurIDs for its senior staff and found a completely different vendor to supply its security tokens.

“Based upon their remediation actions for this breach, Lockheed Martin's senior executives chose to do very little about the compromised SecurID token technology in spite of many warnings issued by security specialists about the potential after effects of the RSA attack,” said Carr.

“Of particular note is the warning issued by ICANN's Whitfield Diffie, a cryptographic expert who told John Markoff of the New York Times that ‘a worst case scenario would be that the intruder could produce cards that duplicate the ones supplied by RSA, making it possible to gain access to corporate networks and computer systems’.”

Steve Watts, co-founder of SecurEnvoy, said that the blame for the breach should be laid at the door of Lockheed Martin's own IT security review procedures.

He said: “The RSA Security breach occurred in mid-March, which has given its users more than two months to review their reliance on RSA Security's technology on their systems. So the question here is: what has Lockheed Martin's IT department been doing for the last ten weeks?

“That entire affair should have triggered alarm bells in any corporate IT security office, especially given RSA's deafening silence at the time. For Lockheed Martin's IT security managers to blame an apparently successful incursion into their systems on a ten-week-old, widely reported breach of one of their key IT suppliers is diverting publicity from its own security process failings.”
