Strike three: Speculation rises that another US military contractor has been hit by hackers

Filed Under: Data loss, Malware, Vulnerability

Military aircraftFox News is reporting that US military contractor Northrop Grumman may have suffered a hacking attack on its networks.

If true, the defense giant will be joining the likes of L-3 Communications and Lockheed Martin who have both been targeted in recent weeks by cyber attacks.

According to Fox News, Northrop Grumman unexpectedly shut down remote access to its network on May 26th, just five days after Lockheed Martin detected that unauthorised persons had infiltrated its systems.

A anonymous source at Northrop Grumman, which is the US's second-largest defense contractor, told Fox News that the sudden lockdown was a shock to staff:

"We went through a domain name and password reset across the entire organization. This caught even my executive management off guard and caused chaos. I've been here a good amount of time and they've never done anything this way - we always have advanced notice."

SecurID tokenSpeculation is rising that what links the L-3, Lockheed Martin and Northrop Grumman security breaches are RSA's SecurID tokens - devices used by many organisations worldwide to provide two factor authentication for remote staff.

In March, RSA admitted that it had been hacked, and some of the information stolen was specifically related to their SecurID two-factor authentication products.

RSA, the security division of EMC, hasn't been forthcoming about the precise details of what was taken when they were hacked - but now that a third military contractor appears to have suffered as a consequence, there will be many firms keen to hear more details of how they should protect themselves.

, , , , ,

You might like

4 Responses to Strike three: Speculation rises that another US military contractor has been hit by hackers

  1. Pez · 1589 days ago

    Does it really matter who? I assume it's either: for monetary gain, or for fun. The latter really doesn't matter, their activities have unleashed a flurry of "oh my" activity. Hackers aren't going away..

    So follow the money. It could be motivated by a firm or foreign government (is there a difference?) trying to steal information. If they're an end-user, their motives are numerous -- technology, chaos to manipulate stock price, a security competitor trying to discredit RSA's touchy-feely magic-number widgets, or a vendor or customer trying to gain advantage on a transaction-in-progress. (Srsly, these companies sell billions of dollars of arms to dozens of countries, so a few percent advantage in any deal is huge.)

  2. Pete · 1589 days ago

    I would agree with Pez and further add that my bet is China Gvt.

  3. guest · 1589 days ago

    Is this really a surprise to anyone?

  4. ali · 1588 days ago

    this shows the real situation of usa def contractor security arrangments

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley