Lockheed Martin breach linked to RSA SecureID attack

Last week’s data security breach at US defence contractor Lockheed Martin was perpetrated by the same attackers who breached RSA Security’s systems earlier this year, one security advisory company has claimed.

Late last week, Lockheed Martin revealed that on 21 May it became aware of a “significant and tenacious” attack on its information systems network.

The company said that its staff had detected the attack “almost immediately” and were able to quickly thwart the attack, such that no customer, program or employee personal data was compromised.

According to NSS Labs, a security advisory organisation, this attack follows directly from a breach at RSA Security in March, in which attackers may have acquired the means to crack RSA’s SecureID two-factor authentication systems.

“[We] believe that this attack was carried out by the original RSA attackers,” a statement from NSS Labs read.

If that’s the case, this would be an example of what some security organisations label a ‘multi-staged attack’, in which perpetrators will stage several smaller attacks over a long period of time, in order to facilitate a large-scale primary breach later down the line.

“Given the military targets, and that millions of compromised keys are in circulation, this is not over,” NSS Labs warned.