June 7, 2011

Hackers Compromise SecurIDs At Lockheed Martin

EMC Ltd., a data storage company, has offered to replace millions of potentially compromised "SecurID" electronic keys after hackers used data stolen from its RSA security division to break into Lockheed Martin's network.

Hackers attacked Lockheed Martin last month, underscoring a growing threat to U.S. national security.

RSA said in a letter published on its website that it confirmed information was taken from it in March.

"Certain characteristics of the attack on RSA indicated that the perpetrator's most likely motive was to obtain an element of security information that could be used to target defense secrets and related (intellectual property)," RSA said in Monday's letter.

RSA said it will "replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks."

Lockheed's networks house sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan.

Lockheed is the maker of the F-16, F-22 and F-35 fighter jets as well as warships and other multibillion-dollar arms systems sold around the globe.

Other big corporations have suffered from major hacking attacks recently, including Sony Corp. and Google.

The electronic keys work by using a two-pronged approach to confirm the identity of a person that is trying to access a computer system.

The keys are designed to thwart hackers trying to use key-logging viruses to capture passwords by constantly generating new passwords to enter the system.

The SecurID generates new strings of digits on a minute-by-minute basis that the user must enter along with a secret PIN before they are able to access the network.

If the user fails to enter the correct string before it expires, access is denied.

Experts believe that hackers who broke into RSA collected key information used to generate the tokens, allowing them to create fake ones, which could be used to attempt a breach of secure networks.

Former RSA manager Andy Kemshall said "The algorithm used by RSA to generate the numbers is available in the public domain so the only thing that stops a hacker from creating numbers is knowledge of what is called the seed record."

"It appears that somebody was generating six digit numbers in the Lockheed Martin breach and the statistical odds of getting the right numbers is one in 10 million so it seems likely that the hackers had knowledge of the seed records," he told BBC.


Image Caption: An RSA SecurID SID800 token without USB connector. Credit: Wikipedia   


On the Net: