Duplicate RSA Keys Enable Lockheed Martin Network Intrusion 138
An anonymous reader writes "Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other US military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to 'SecurID' electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter." There's also coverage at PC Magazine.
Spoken like a true spokesperson... (Score:5, Insightful)
and we remain confident in the integrity of our robust, multi-layered information systems security
Translation: Our system's breached but maybe you won't realize that if I throw enough buzz words at you...
Does RSA store usernames and pins? (Score:3, Insightful)
Re:Spoken like a true spokesperson... (Score:5, Insightful)
Re:Spoken like a true spokesperson... (Score:4, Insightful)
As the one official said (which was almost completely ignored by the article's authors), there should be little risk to actual projects. Really, what they got was access to "TPS reports", and other such documents. Now, there may be an issue with "Export Control" as even if some documents are unclassified, they may not be allowed to be transmitted to certain countries. But all the real information is on that other network which you need physical access to hack, which is one of the easiest things to secure.