This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

How much can RSA's SecurID tokens be to be blame for the Lockheed Martin hack?

Share this article:

Both Lockheed Martin and RSA have been blamed for the hack on the defence contractor's network last week.

Writing on the Digital Dao blog, founder and CEO of Taia Global Jeffrey Carr claimed that the extent of the RSA SecurID breach was worse than EMC reported.

Analysing the language used by Lockheed Martin in its statement, Carr pointed at the use of the word ‘tenacious' saying that this means ‘not easily dispelled' and ‘persisting in existence'.

He said: “An attack cannot be ‘swiftly' dealt with and ‘persistent' at the same time. Further ‘almost immediately' doesn't reconcile with the timeline provided by the above publicly available data, which implies that the attackers had up to 24 hrs of access to Lockheed's network before VPN access was shut off.

“Finally, while Lockheed claimed that no customer, program or employee data had been compromised, it was significant enough for President Obama to receive a personal briefing on it, and for Department of Homeland Security and Department of Defence (and presumably NSA) to offer their assistance on Lockheed's investigation.”

Carr also said that Lockheed Martin had slightly over two months from the time that EMC notified them and other RSA SecurID customers about their breach and at that time, at least one prime defence contractor (not Lockheed Martin) made the decision to stop using RSA SecurIDs for its senior staff and found a completely different vendor to supply their security tokens.

“Based upon their remediation actions for this breach, Lockheed Martin's senior executives chose to do very little about the compromised SecurID token technology in spite of many warnings issued by security specialists about the potential after effects of the RSA attack,” said Carr.

“Of particular note is the warning issued by ICANN's Whitfield Diffie, a crytographic expert who told John Markoff of the New York Times that ‘a worst case scenario would be that the intruder could produce cards that duplicate the ones supplied by RSA, making it possible to gain access to corporate networks and computer systems'.”

Steve Watts, co-founder of SecurEnvoy, said that the blame for the breach should be laid at Lockheed Martin's own IT security review procedures.

He said: “The RSA Security breach occurred in mid-March, which has given its users more than two months to review their reliance on RSA Security's technology on their systems. So the question here is: what has Lockheed Martin's IT department been doing for the last ten weeks?

“That entire affair should have triggered alarm bells ringing in any corporate IT security office, especially given RSA's deafening silence at the time. For Lockheed Martin's IT security managers to blame an apparent successful incursion into their systems on a ten-week old widely-reported breach of one of their key IT suppliers is diverting publicity from its own security process failings.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

'Sophisticated' Chinese hackers launched attacks against 43,000 computer ...

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.