US military contractor L-3 Communications, whose customers include the US Department of Defense, has been named in a news report as having been targeted in attacks by external hackers.
According to reports, L-3 warned 5,000 employees in April about an attempted hack against the company’s network using forged RSA SecurID tokens.
The claim, by Wired magazine, follows news earlier this week that US military giant Lockheed Martin had been subject to its own hacking attack, with RSA SecurID token security once again in the frame.
An anonymous source told Wired that L-3 “uses SecurID for remote employee access to the unclassified corporate network, but classified networks at the company would not have been at risk in the attack.”
RSA Security, a division of EMC, admitted in March that it had been hacked, and that some of the information stolen was specifically related to RSA’s SecurID two-factor authentication products.
There will obviously be some who will point fingers at China as likely suspects for the probes into the networks of US military suppliers, but until some evidence is made public it’s only going to be speculation.
As RSA has chosen to keep largely schtum about what was taken from them – and we can hardly expect the military contractors to share much detail – your guess is as good as mine right now.
What does seem clear, however, is that stories of hacking into military and government systems has never had a higher profile. Bear that in mind when you read news reports that The Pentagon is working on a Cyber Defense Strategy that could see an internet attack treated as though it were an “act of war”.