Lockheed network suffers major disruption: sources

Reuters News
|
Posted: May 26, 2011 4:28 PM
Lockheed network suffers major disruption: sources

By Andrea Shalal-Esa and Jim Finkle

WASHINGTON/BOSTON (Reuters) - Lockheed Martin Corp, the Pentagon's No. 1 supplier, is experiencing a major disruption to its computer systems that could be related to a problem with network security, two sources familiar with the issue said on Thursday.

Lockheed, the biggest provider of information technology to the U.S. government, is grappling with "major internal computer network problems," said one of the sources who was not authorized to publicly discuss the matter.

A second source, who also asked not to be identified, said the issue was "affecting a lot of people" at Lockheed, maker of the stealthy F-22 and F-35 fighter planes and other critical weapons systems.

Lockheed, which employs 133,000 people worldwide and had $45.8 billion in revenues last year, said it does not discuss specific threats or responses as a matter of principle, but regularly took actions to counter threats and ensure security.

"We have policies and procedures in place to mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multilayered information systems security," said spokesman Jeffery Adams.

Big corporations -- especially government contractors -- keep matters of internal security secret and rarely publicly disclose problems in securing their networks.

Yet companies do occasionally reveal such attacks, sometimes forced by financial disclosure laws or by the large impact on customers.

Sony Corp, for example, last month disclosed that hackers had accessed personal data of some 100 million customers and was forced to shut down its PlayStation Network online gaming system.

The sources said Lockheed employees were still able to use mobile devices to access their company email accounts.

The slowdown began on Sunday after security experts for the company detected an intrusion to the network, according to technology blogger Robert Cringely. He said it involved the use of SecurID tokens that employees use to access Lockheed's internal network from outside its firewall,

A spokesman for EMC Corp, whose RSA division makes the tokens, declined to comment, saying it is company policy to never discuss security issues affecting specific customers.

EMC disclosed in March that hackers had broken into its network and stolen some information related to its SecurIDs. It said that the information could potentially be used to reduce the effectiveness of those devices in securing a customer's network.

Steve Winterfeld, cyber technical lead at TASC, an advanced systems company spun off from Northrop Grumman Corp, said RSA had not provided any details of how hackers broke into its network, which meant the hackers could have used the same method to attack other corporations.

He said TASC and other companies were extremely concerned about the breach, which meant that the SecurID tokens could no longer be viewed as completely secure.

"You have no idea how many people are freaked out right now," Winterfeld told Reuters. "TASC is no longer treating the RSA device as if it were as secure as it was beforehand."

MONITORING CENTER

Loren Thompson, chief operating officer of the Lexington Institute, and a consultant to Lockheed, said the company monitored every node on its vast global computer network from a large operations center in a Maryland suburb near Washington, D.C.

"If it sees signs that the network is being compromised by outsiders it will shut down whole sectors of the network to protect information," Thompson said.

He said Lockheed had advanced networking monitoring tools that gave it a "much better understanding of their systems' status than most other organizations, including the Department of Defense."

He said the incident underscored massive challenges faced by corporate and government computer networks in "an age where everybody has access to ubiquitous digital communications."

Lockheed has been a frequent target of cyber attacks by individual hackers and foreign governments, said one industry executive, who was not authorized to speak publicly. "The Chinese had been after them forever," this executive said.

Winterfeld noted that both China and Russia had developed stealthy fighter jets sooner than expected, raising questions about whether those countries had penetrated U.S. networks involved with development of U.S. stealth technology.

Lockheed teamed up this month with Carnegie Mellon University to open a new cyber laboratory in Pittsburgh.

At the time, Rick Ambrose, president of Lockheed's information systems division, said potential cyber attackers were "getting smarter, faster, and more sophisticated every day."

The company has been working to help accelerate response times, protect smartphones, and pinpoint potential vulnerabilities in government and corporate networks.

(Reporting by Jim Finkle and Andrea Shalal-Esa; Editing by Tim Dobbyn)