Lockheed hit by cyber attack

Despite the severity of the attack, Lockheed Martin and the Defense Department say that little damage was done.

Lockheed Martin Corp. reported that a major cyber attack caused the company to shutdown one of its networks and still isn't using the network a week later.

The attack, which occurred May 21, was detected immediately and the company “took aggressive actions to protect all systems and data,” according to a May 28 statement by Lockheed. 

The company’s statement says that Lockheed’s systems are secure and no customer, program or employee personal data was compromised. Lockheed has a team working around the clock to restore employee access to the network and maintain “the highest level of security.”

The company did not say what network was attacked or what kind of data or systems were targeted.

The Defense Department also downplayed the potential damage from the attack, according to the Washington Post

“Impact to DOD is minimal,” Lt. Col. April Cunningham, a department spokesman told the Post via email.

DOD and the Homeland Security Department offered their help in determining the extent of the attack and providing analysis to mitigate further risks, Bloomberg reported

Gopal Ratnam of Bloomberg reported that the breach may have involved RSA’s SecurID, a mobile security system that apparently was the target of a cyber attack on RSA in March.

In that attack, data on the SecurID authentication products were taken. The same products are used by Northrop Grumman Corp. and Raytheon Co., according to Bloomberg.

PCMagazine reported that the hackers spoofed SecurID tokens to gain access to Lockheed’s network. 

According to PCMagazine, Lockheed has added another layer of security to the remote login procedure and reset employee passwords.