Lockheed Martin got pwned - DiscussWorldIssues - Socio-Economic Religion and Political Uncensored Debate

**Uplillacype** · 05-28-2011, 04:48 PM

http://www.nytimes.com/2011/05/28/bu...hack.html?_r=1

Doesn`t sound to bad, does it?

http://www.cringely.com/2011/05/inse...-more-secrets/

Late on Sunday all remote access to the internal corporate network was disabled. All workers were told was that it would be down for at least a week. Folks who regularly telecommute were asked to come into nearby offices to work. Then earlier today (Wednesday) came word that everybody with RSA SecureID tokens would be getting new tokens over the next several weeks. Also, everybody on the network (over 100,000 people) would be asked to reset their passwords, which means admin files have probably been compromised.

**iceleliewBync** · 05-28-2011, 04:55 PM

Well, Lockheed Martin Owns the American Tax Payers.

Hard.

http://www.spacex.com/

**DJElizardo** · 05-28-2011, 05:17 PM

un-SecurID... ouch

**Dfvgthyju** · 05-28-2011, 09:12 PM

Odds that it was a Chinese sponsored attack?

**pavilionnotebook** · 05-29-2011, 08:39 PM

un-SecurID... ouch

Indeed... Pretty much all of our clients have been switched away from them, beginning with the initial RSA breach.

RSA had the option to fully disclose the extent of their breach, but instead they chose to keep the vast majority of their customers in the dark. Now, if they don't pony up the information fast they'll have a mass exodus of their customers to other two-factor solutions.

As for saying the password change meant a compromise of Lockheed's admin files, that's not necessarily true. It's a standard security operating procedure in most enterprise to force password changes @ the next login; some even go so far as automatically resetting all of the passwords and requiring employees to contact their support services to get them changed.

Odds that it was a Chinese sponsored attack?

Extremely high.

**Wahwlsnt** · 05-30-2011, 01:11 AM

http://www.reuters.com/article/2011/...74S09220110529

"As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure," Jennifer Whitlow, a Lockheed spokeswoman, said in an e-mailed statement. "No customer, program or employee personal data has been compromised."

05-28-2011, 04:48 PM	#1
Uplillacype Join Date Oct 2005 Posts 492 Senior Member	Lockheed Martin got pwned http://www.nytimes.com/2011/05/28/bu...hack.html?_r=1 Doesn`t sound to bad, does it? http://www.cringely.com/2011/05/inse...-more-secrets/ Late on Sunday all remote access to the internal corporate network was disabled. All workers were told was that it would be down for at least a week. Folks who regularly telecommute were asked to come into nearby offices to work. Then earlier today (Wednesday) came word that everybody with RSA SecureID tokens would be getting new tokens over the next several weeks. Also, everybody on the network (over 100,000 people) would be asked to reset their passwords, which means admin files have probably been compromised. Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

05-28-2011, 04:55 PM	#2
iceleliewBync Join Date Nov 2005 Posts 605 Senior Member	Well, Lockheed Martin Owns the American Tax Payers. Hard. http://www.spacex.com/ Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

05-28-2011, 05:17 PM	#3
DJElizardo Join Date Oct 2005 Posts 456 Senior Member	un-SecurID... ouch Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

05-28-2011, 09:12 PM	#4
Dfvgthyju Join Date Oct 2005 Posts 548 Senior Member	Odds that it was a Chinese sponsored attack? Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

05-29-2011, 08:39 PM	#5
pavilionnotebook Join Date Oct 2005 Posts 527 Senior Member	un-SecurID... ouch Indeed... Pretty much all of our clients have been switched away from them, beginning with the initial RSA breach. RSA had the option to fully disclose the extent of their breach, but instead they chose to keep the vast majority of their customers in the dark. Now, if they don't pony up the information fast they'll have a mass exodus of their customers to other two-factor solutions. As for saying the password change meant a compromise of Lockheed's admin files, that's not necessarily true. It's a standard security operating procedure in most enterprise to force password changes @ the next login; some even go so far as automatically resetting all of the passwords and requiring employees to contact their support services to get them changed. Odds that it was a Chinese sponsored attack? Extremely high. Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

05-30-2011, 01:11 AM	#6
Wahwlsnt Join Date Oct 2005 Posts 412 Senior Member	http://www.reuters.com/article/2011/...74S09220110529 "As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure," Jennifer Whitlow, a Lockheed spokeswoman, said in an e-mailed statement. "No customer, program or employee personal data has been compromised." Share Share this post on Digg Del.icio.us Technorati Twitter
	Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)