Lockheed took 'aggressive actions' against cyberattack

Lockheed Martin Corp. reported that it experienced a determined cyberattack against one of its networks, which forced the defense contractor to shutdown the network.

The attack, which occurred May 21, was detected immediately and the company “took aggressive actions to protect all systems and data,” according to a May 28 statement by Lockheed. The company still wasn't using the network a week after the attack.  

The company’s statement says that Lockheed’s systems are secure and no customer, program or employee personal data was compromised. Lockheed has a team working around the clock to restore employee access to the network and maintain “the highest level of security.”

The company did not say what network was attacked or what kind of data or systems were targeted.

The Defense Department also downplayed the potential damage from the attack, according to the Washington Post. 

“Impact to DOD is minimal,” Air Force Lt. Col. April Cunningham, a department spokesman told the Post via e-mail.

DOD and the Homeland Security Department offered their help in determining the extent of the attack and providing analysis to mitigate further risks, Bloomberg reported. 

Gopal Ratnam of Bloomberg reported that the breach may have involved RSA’s SecurID, a mobile security system that apparently was the target of a cyberattack on RSA in March.

In that attack, data on the SecurID authentication products were taken. The same products are used by Northrop Grumman Corp. and Raytheon Co., according to Bloomberg.

PCMagazine reported that the hackers spoofed SecurID tokens to gain access to Lockheed’s network. 

According to PCMagazine, Lockheed has added another layer of security to the remote login procedure and reset employee passwords.