Lockheed Martin Shuts Down Remote Network Access After Detecting Intrusion | eWeek

Lockheed Martin Shuts Down Remote Network Access After Detecting Intrusion

May 27, 2011
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Lockheed Martin has been battling a “major disruption” to its computer systems after its IT security team detected a network intrusion earlier this week, Reuters reported.

The disruption began May 22 when the company detected an intrusion to the network, according to the May 26 Reuters story, which cited technology blogger Robert Cringley. Cringley claimed the breach involved RSA SecurID tokens that Lockheed employees use to access the internal network remotely.

Lockheed has notified the Pentagon about the problem, and it is working closely with the company’s IT team to gather information about the situation. However, the company has not confirmed that the issues with its network are related to a security breach. Lockheed does not discuss specific threats or responses as a matter of principle, a company spokesperson told Reuters.

The company has reset all passwords for its employees and suspended remote access to email and other corporate applications, according to The Register. Unnamed sources told Reuters that employees can still use their mobile devices to check company email.

Cringley said the incident may be tied to or at least use the information stolen from RSA Security back in February. All remote access to the Lockheed’s internal network using the company’s virtual private network (VPN) software was disabled on May 22. Employees who regularly telecommute were asked to come into nearby offices to work, according to Cringley.

Employees were told on May 25 they will be getting new RSA SecurID tokens “over the next several weeks,” Cringley said. Cringley estimated that 100,000 personnel will have to be issued new tokens before remote access is restored, a process that will take at least a week.

“You have no idea how many people are freaked out right now,” Steve Winterfeld, cyber technical lead at TASC, an advanced systems company spun off from Northrop Grumman, told Reuters. TASC and other companies are no longer treating the RSA SecurID token as completely secure, according to Winterfeld.

Replacing those SecurID tokens can potentially cost an estimated $1.30 per token, Avivah Litan, a distinguished analyst at Gartner, told eWEEK. The costs include direct costs of the token as well as indirect costs such as overhead, support and shipping.

Organizations should have multiple layers of security and not be relying entirely on the tokens, Brian Berger, executive vice president of Wave Systems, told eWEEK. Built-in hardware security could help maintain remote access because only those authorized computers can access the network and it’s easy to identify when an intruder from an unknown machine enters the network, Berger said.

RSA never publicly disclosed exactly what the unknown attackers stole during its security breach, other than the fact that it was “information relating to the SecurID technology.” Sources have told eWEEK that RSA has disclosed what was lost to certain organizations under NDA. An attacker would need several pieces of information about the token before mounting a successful attack, such as customer data, token seed values and individual PIN codes. None of these pieces of data is held by RSA.

Lockheed Martin is the biggest provider of information technology to the U.S, government and supplies the Department of Defense with F-22 and F-35 fighter plans and other critical weapons systems. It employs 126,000 people worldwide.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.