Another War-on-Terror Blog: Lockheed Martin, Oak Ridge, Spear Phishing, and Common Sense

Sunday, May 29, 2011

Lockheed Martin, Oak Ridge, Spear Phishing, and Common Sense

I mentioned the latest hack attempt in an American network yesterday. (May 28, 2011) Today, a Reuters article gave a bit more detail and background.¹

"Lockheed Martin Corp., the U.S. government's top information technology provider, said on Saturday it had thwarted 'a significant and tenacious attack' on its information systems network a week ago but was still working to restore employee access.

"No customer, program or employee personal data was compromised thanks to 'almost immediate' protective action taken after the attack was detected May 21, Jennifer Whitlow, a company spokeswoman, said in an emailed statement.

"She said the company, the world's biggest aerospace company and the Pentagon's No. 1 supplier by sales, was working around the clock to restore employee access to the targeted network while maintaining the highest security level....
(Reuters)

So far, so good - although I wonder just how confident the IT folks at Lockheed are, that "No customer, program or employee personal data was compromised."

Maybe this is cynical: but I remember when a Qantas desk jockey insisted that there had been "no explosion" on one of their flights. That didn't explain the hole in their A380 airliners, or debris in Indonesia. (Apathetic Lemming of the North (November 4, 2010))

Bad News, Denial, and the Real World

Some bureaucrats and managers seem to deny that a problem exists as a sort of knee-jerk reaction to bad news. That may work with hirelings who can be fired if they don't agree: or with equally-clueless organizational deadweight the (delusional?) boss reports to. I don't think it's effective when dealing with the real world, though. And that's another topic.

Whodunit - Good Question

Where the attack came from is still unknown, apparently. My guess is that folks at the Department of Homeland Security and the Pentagon are trying to find out, though. Lockheed's system had data about weapons that are in use, and under development: not the sort of think I'd want outfits like Al Qaeda to have. Or none-too-friendly national governments, for that matter.

Reuters says Lockheed isn't alone - the May 21 situation was the latest in a string of attacks on American military contractors. Reuters also said that contractors aren't the only targets. The article says there have been hack attacks on "...defense contractors, security companies and U.S. government labs, including the U.S. Energy Department's Oak Ridge National Laboratory, since the start of this year." That's according to Anup Ghosh, who has been a senior scientist at the Pentagon's Defense Advanced Research Projects Agency, and now runs Invincea, a software security company. Interestingly, Reuters has edited that detail out of the story, as I'm finishing this post. (For now WUOB still has that detail in their copy of the article. (1:47 p.m. Central, May 29, 2011))

So, why doesn't the government 'do something?'

America, Law, and Limited Government

Back to that Reuters article:

"...U.S. officials may investigate a cyber breach at a company's request. DHS, the lead agency for securing federal civilian networks, can deploy a team to analyze infected systems, develop mitigation strategies, advise on efforts to restore service and make recommendations for improving overall network security....
(Reuters)

A key phrase there is "...may...at a company's request." America is a nation of law - and some of those laws control what government agencies can and can't do. We're not the only country to work that way: but I think we do a pretty good job of maintaining a balance between a government that's meddlesome, and one that's ineffectual.

Which doesn't mean that I approve of intrusive and occasionally silly federal regulations - and that's a topic that's outside the scope of this blog.

Finally I'm acutely aware that America isn't perfect. And that's yet one more topic. (July 3, 2008)

How These Attacks Work

This really should be obvious: but it's a bad to click that link and give personal information. Even if the email seems to come from your bank/credit card company/whatever. I'll get back to that.

"...These attacks typically were carried out through so-called 'spear-phish' inducements to click on a certain link to web sites or through emailed attachments carrying malicious code.

"Once so compromised, a computer can surreptitiously download other code that can log a victim's key strokes, giving an attacker a path to potentially wide network access....

"...The person with direct knowledge told Reuters on Friday that an intrusion at Lockheed was related to a recent breach of 'SecurID' token authentication technology from EMC Corp's EMC.N RSA security division...."
(Reuters)

I put a link to some common-sense advice about spear phishing under "Background," below.

Besides making the point that most financial institutions don't ask you for your Social Security Number in an email - and that you shouldn't use the phone number that the probably-bogus email provides - there's the same advice I've heard for decades: If it sounds too good to be true, it probably is.

And that, again, is another topic.

Related post:

"Lockheed Martin Corp, SecureIDs, EMC, and All That"
(May 28, 2011)

In the news:

"Lockheed says thwarted 'tenacious' cyber attack"
Jim Wolf, Andrea Shalal-Esa (Paul Simao, Editor) Edition: U.S., Reuters (May 29, 2011)

Background:

"Spear Phishers"
FBI (April 1, 2009)

¹ Excerpt from Reuters article:

"...The Department of Homeland Security, or DHS, said that it and the Defense Department had offered to help curb the risk from the incident....

"...Several top cybersecurity experts with extensive government dealings said they were in the dark about the origin of the attack....

"...Cyber intruders were reported in 2009 to have broken into computers holding data on Lockheed's projected $380 billion-plus F-35 fighter program, the Pentagon's costliest arms purchase.

"A series of once-secret U.S. diplomatic cables released by the WikiLeaks website suggests that China has jumped ahead of the United States when it comes to cyber espionage...."
(Reuters)

No comments:

Blogroll

Note! Although I believe that these websites and blogs are useful resources for understanding the War on Terror, I do not necessarily agree with their opinions. ¹

American Islamic Congress
American-Islamic Forum for Democracy
Americas Interests.blog an Australian's perspective (on January 29, 2009 the author announced the end of new posts, and explained his reasons for doing so. He is, however, keeping the 21 months of accumulated posts on line, because of "the role that it plays in a larger ecosystem of information" - I recommend AI as an archival resource. )
Blog 4 Human Rights: Human Rights in Georgia (the nation) News, Opinions, Videos and Photos (Why blogroll this? Georgia is about 10% Muslim, very near the Middle East: and human rights is a critical part of the War on Terror.)
CAIR Council on American-Islamic Relations
The Capitol Tribune "A Journal by a Citizen and Servant of the Republic."
The Conservative Hawk An articulate conservative blog: definitely political, opinionated, informed, and intelligent
Defenders Council of Vermont "...our mission is to educate the citizens of Vermont about the nature, reality and threat of radical Islam, deepen Vermonters' understanding of America's heritage, honor the men and women of the armed services and their families, and support the efforts of others to help our armed forces work with local populations in foreign lands."
DefenseLink Blogger's Roundtable provides source material for stories in the blogosphere concerning the Department of Defense (DoD) by bloggers and online journalists.
FactCheck.org "aims to reduce the level of deception and confusion in U.S. politics". It's "a project of the Annenberg Public Policy Center of the University of Pennsylvania". From what I've seen, this non-partisan website must be quite annoying to all sides
Fiqh Council of North America "...a body of qualified Islamic scholars who live in the United States or Canada."
Foreign Policy Watch "Diplomatic strategy, international news, and thoughtful political analysis"
www.free-minds.org Another flavor of True Islam: one more articulate than many
Free Muslims Coalition "American Muslims and Arabs of all backgrounds who feel that religious violence and terrorism have not been fully rejected by the Muslim community in the post 9-11 era."
GlobalSecurity.org "Everyone is entitled to their own opinion, but not their own facts. We try to bring you the facts, to help you form your opinion."
Hudson Institute: Center on Islam, Democracy, and the Future of the Muslim World
IntelCenter "Our focus as a company is on studying terrorist groups and other threat actors and disseminating that information in a timely manner to those who can act on it."
Iraq the Model "New points of view about the future of Iraq."
Islam.com "...an information portal site on the internet that is pure, clean and 'worthy of its name', InshaAllah."
islamispeace.org.uk "...invites you to challenge your ideas of Islam and Muslims."
Islamic Circle of North America "... to seek the pleasure of Allah (SWT) through the struggle of Iqamat-ud-Deen (establishment of the Islamic system of life) as spelled out in the Qur'an and the Sunnah of Prophet Muhammad (pbuh)"
Islamic Republic News Agency Iran's official news agency
Islamic Society of Central Florida (ISCF) "...an organization which strives to serve the greater Central Florida community by catering to the social, religious, and educational needs of its Muslim inhabitants."
Islamic Society of North America "...playing a pivotal role in extending those bridges to include all people of faith within North America...."
(but note another view) )
Islamic World News أخبار العالم الاسلا
Michael J. Totten's Middle East Journal The War on Terror, as observed on the ground
Muir S. Fairchild Research Information Center A research resource for United States Air Force Air University students, "provided as a public service by Muir S. Fairchild Research Information Center and the Maxwell Support Division."
Muslamics Affad Shaikh and "A Writing Collaborative" This American Muslim Affad Shaikh, a very west-coast Muslim Los Angelano
Muslims Against Sharia An organization of Muslims, presumably dedicated "...to educate non-Muslims about the differences between moderate Muslims and Islamists..." - with a curious way of practicing Peace, Love Light, (words in their website's logo).
National Interest, and as a corollary, Primacy "These are indeed my personal pontifications on the vicissitudes of International Affairs." (Be prepared for big words, long sentences: and unexpected insights.)
PM’S World
Radio Free Europe/Radio Liberty "disseminating factual information and ideas"
The Straits Times (Singapore) "...strives to be an authoritative provider of news and views, with special focus on Singapore and the Asian region...."
Urban Conservative "Conservative 2.0 - A New Breed of Conservative
Why Islam? "... articles, books etc on Islam and comparative religion. ... initiated by volunteers from ICNA (Islamic Circle of North America). ..."

¹ Given a recent misunderstanding of the phrase "useful resources," a clarification: I do not limit my reading to resources which support my views, or even to those which appear to be accurate. Reading opinions contrary to what I believed has been very useful at times: sometimes verifying my previous assumptions, sometimes encouraging me to change them.

Even resources which, in my opinion, are simply inaccurate are sometimes useful: these can give valuable insights into why some people or groups believe what they do.

In short, It is my opinion that some of the resources in this blogroll are neither accurate, nor unbiased. I do, however, believe that they are useful in understanding the War on Terror, the many versions of Islam, terrorism, and related topics.

Visit us online:
Spiral Light Candle	• Find a Retailer • Spiral Light Candle Store