Attacks Show Need for In-Depth Security Defenses
To date, the attack on Lockheed Martin was apparently the most intense so far. The sophistication and tenacity of the attack helps confirm the thinking that this was a state-sponsored attack. The attack also confirmed that Lockheed Martin is a much tougher target than it was a few years ago. In fact, one Washington IT staffer, who asked that he not be identified because of his position as a government employee, said that Lockheed Martin might have been picked by the hackers because it is "the gold standard" when it comes to security. The staffer said that Lockheed Martin's security is so good that it's widely considered to be impossible to breach. The lesson from Lockheed Martin's successful repulsion of this attacker is that you need to have defense in depth. You can't depend on passwords, security tokens or encryption alone. You need all of that, and you need more. Your network should have internal firewalls, it should have the routers set so they only accept traffic from specific MAC addresses, and you need to have an up-to-date intrusion-prevention and detection system.
Sounds serious, right? That's because it is serious. While it may be that you have no useful information regarding any of the targets that these state-sponsored hackers want, that won't stop them from taking advantage of what they do find on your network. The bottom line is that the new edition of the Cold War has begun, and this time it's a "cyber-cold war." You need to be careful not to be caught in the crossfire.