Another Breach In The Wall
Image by gpjt via Flickr
Hard Times to come for U.S. Defense Contractors: it looks like each new day reveals information of a new cyber-attack to military technology companies using (alleged) compromised SecureID seeds.
This time Fox News reports that Northrop Grumman, another Defense Contractor has been the victims of a Cyber Attack, on On May 26, when the company shut down remote access to its network without warning, catching even senior managers by surprise and leading to speculation that a similar breach had occurred.
Even if there is no evidence so far that the cyber attack could be the consequence of the RSA Breach on March, there are at least two strange coincidences: the fact that this is the third attack to a U.S. Defense Contractor unleashed in less than a week (after Lockheed Martin and L-3), and the fact that Northrop Grumman is an RSA SecureID customer.
If the attack should be confirmed to have been carryed out by mean of compromised seeds, this would undoubtely confirm the RSA Breach was only the first stage of a (vertical) cyber-operation targeted to steal U.S. Military secretes (at this point I would not be surprised if other institutions belonging to different verticals are already under attack without realizing it).
Probably, as David Cenciotti said in a post of ysterday, it is time to rethink Strong Authentication: “something you know and something you have” is revealing to be a too weak paradigm if compared with the strenghts of Ciberweapons (because we are talking of Cyberweapons) who have shown to be capable to subtract any kind of data, sometimes leveraging users’ naivety with old-school techniques).
Morevoer also the users should be educated to face the new shape of cyberwar phishing if it is true, as it supposed to have happened in case of Lockheed Martin, that phishing techniques were used to map users to their token.
Biometrics Reloaded?
Related articles
- Top Defense Tech FirmStruck by Cyberattackers (foxnews.com)
- Some Random Thoughts On RSA Breach (paulsparrows.wordpress.com)
- (IN)SecureID (paulsparrows.wordpress.com)
-
June 2, 2011 at 7:29 pm | #1Seeds On Sale? « Il Blog di Paolo Passeri
-
June 7, 2011 at 9:32 am | #2Seeds For Free « Il Blog di Paolo Passeri
-
June 22, 2011 at 7:01 pm | #32011 CyberAttacks Timeline « Il Blog di Paolo Passeri
-
July 12, 2011 at 12:45 am | #4Another One Bytes The Dump « Il Blog di Paolo Passeri
-
July 15, 2011 at 10:19 am | #5The Mother Of All Breaches « Il Blog di Paolo Passeri
-
July 20, 2011 at 5:32 pm | #6The Two Faces of Hacking « Il Blog di Paolo Passeri
-
August 16, 2011 at 7:50 pm | #7Antisec hacks another Defense Contractor? « Il Blog di Paolo Passeri
-
August 26, 2011 at 10:16 am | #8Finally I Saw One! « Il Blog di Paolo Passeri
-
December 15, 2011 at 6:05 pm | #9One Year Of Lulz (Part I) « Il Blog di Paolo Passeri
-
February 21, 2012 at 3:01 pm | #10Exclusive Infographic: all Cyber Attacks on Military Aviation and Aerospace Industry « The Aviationist
Leave a Reply
About The Author
Support My Work!
Share:
News
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
Visitors from…
