Attacks Show Need for In-Depth Security Defenses

By Wayne Rash  |  Posted 2011-06-01 Print this article Print

To date, the attack on Lockheed Martin was apparently the most intense so far. The sophistication and tenacity of the attack helps confirm the thinking that this was a state-sponsored attack. The attack also confirmed that Lockheed Martin is a much tougher target than it was a few years ago. In fact, one Washington IT staffer, who asked that he not be identified because of his position as a government employee, said that Lockheed Martin might have been picked by the hackers because it is "the gold standard" when it comes to security. The staffer said that Lockheed Martin's security is so good that it's widely considered to be impossible to breach.

The lesson from Lockheed Martin's successful repulsion of this attacker is that you need to have defense in depth. You can't depend on passwords, security tokens or encryption alone. You need all of that, and you need more. Your network should have internal firewalls, it should have the routers set so they only accept traffic from specific MAC addresses, and you need to have an up-to-date intrusion-prevention and detection system.

Sounds serious, right? That's because it is serious. While it may be that you have no useful information regarding any of the targets that these state-sponsored hackers want, that won't stop them from taking advantage of what they do find on your network. The bottom line is that the new edition of the Cold War has begun, and this time it's a "cyber-cold war." You need to be careful not to be caught in the crossfire.

For most companies, a breach of personal information or credit card data can be damaging to the extent that it can ultimately cause the company to go out of business. This is usually not considered a good outcome by security professionals. For that matter, neither are stories about lost information or irate customers. While the credit card numbers may not be state secrets, they're still very important to your customers, and they need protection.

There is an attitude in many companies that protecting personal information is nice in theory, but not so important in practice because it's inconvenient or costs money. But inconvenience and cost will grow exponentially if your security system isn't well-designed. Every company's senior executives should ask themselves what is less convenient-implementing stronger security or being forced to bail out your CEO in the middle of the night because he was charged with violations to compliance laws?

It's also essential to remember that security is just as important for business partners as it is for you. If you don't require your business partners to have at least as much security as you require for yourself, then you can't allow them into your network. One of the features of the attack on Lockheed Martin is that the attackers tried to use business partners' networks as a pathway to Lockheed Martin when it couldn't break into the network directly. It didn't work, and it shouldn't work for your business partners either. 


Wayne Rash Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazineÔÇÖs Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.

He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel