.png)
A Lockheed Martin F-16 Fighting Falcon is shown in a file photo in an air show in Bangalore, India. Lockheed Martin, the nation's No. 1 defense contractor, was subject to a cyber-attack last week. No data was breached, the company claimed. (Dibyangshu Sarkar/AFP/Getty Images)
NEW YORK—Lockheed Martin Corp., the nation’s biggest defense contracting firm, confirmed on Sunday that on May 21, the company repelled a “significant and tenacious attack” on its information systems.
Lockheed said that although a cyber-attack was detected, it was able to fend off the intrusion and was confident that no information had been stolen. “No customer, program, or employee personal data has been compromised,” Lockheed said in a statement.
Several U.S. federal agencies are assisting Lockheed in tracing the attacks, including the Department of Homeland Security and the Department of Defense, the Bethesda, Md.-based company announced.
The attack was carried out using duplicated keys from RSA SecurID tokens, which are security tokens used by enterprise employees to access confidential information. Employees access confidential data often by using a password in addition to a SecurID code, which is randomly generated and changes every 60 seconds. RSA, which counts numerous corporations and defense contractors, is owned by Massachusetts-based EMC Corp.
While no information is allegedly compromised, an attack on Lockheed is nevertheless alarming. The company manufactures the F-16 and F-22 fighter aircrafts, and is a developer of the upcoming F-35 Lightning II next-generation fighter jet aircraft. Lockheed also develops and sells other military hardware and weapons systems.
The U.S. Department of Defense (DOD) said that direct impact of the attack suffered by Lockheed on it was negligible, according to Reuters. "Impact to DOD is minimal and we don’t expect any adverse effect," said Lt. Col. April Cunningham.
RSA Breach
The recent attack on Lockheed is believed to have been connected to an attack in March on RSA, which said that it sustained an “extremely sophisticated cyber-attack” of its own, according to a letter to customers from Art Coviello, RSA’s chairman.
Although at the time RSA did not believe the attack could lead to direct hacking of any clients’ systems and information, the data obtained could be used by the attacker to make compromising clients’ data somewhat easier. “This information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack,” Coviello wrote.Last week’s attack on Lockheed was the latest in a string of recent high-profile cyber-attacks on large corporations. Last month, Japanese electronics giant Sony Corp. suffered a large security breach on its PlayStation Network that could have compromised the information of more than 70 million consumers.
