Second Defense Contractor L-3 ‘Actively Targeted’ With RSA SecurID Hacks

Kevin Poulsen

An executive at defense giant L-3 Communications warned employees last month that hackers were targeting the company using inside information on the SecurID keyfob system freshly stolen from an acknowledged breach at RSA Security.

The L-3 attack makes the company the second hacker target linked to the RSA breach — both defense contractors. Reuters reported Friday that Lockheed Martin had suffered an intrusion.

“L-3 Communications has been actively targeted with penetration attacks leveraging the compromised information,” read an April 6 e-mail from an executive at L-3’s Stratus Group to the group’s 5,000 workers, one of whom shared the contents with on condition of anonymity.

It’s not clear from the e-mail whether the hackers were successful in their attack, or how L-3 determined SecurID was involved. L-3 spokeswomen Jennifer Barton declined comment last month, except to say: “Protecting our network is a top priority and we have a robust set of protocols in place to ensure sensitive information is safeguarded. We have gotten to the bottom of the issue.” Barton declined further comment Tuesday.

Based in New York, L-3 Communications ranks eighth on Washington Technology’s 2011 list of the largest federal-government contractors. Among other things the company provides command-and-control, communications, intelligence, surveillance and reconnaissance (C3ISR) technology to the Pentagon and intelligence agencies.

In the Lockheed breach, attackers may have gained access by cloning the SecurID keyfobs of Lockheed users.

Together, the attacks suggest the RSA intruders obtained crucial information — possibly the encryption seeds for SecurID tokens — that they’re using in targeted intelligence-gathering missions against sensitive U.S. targets.

Read More>>

Comments are closed.

%d bloggers like this: