Wednesday, June 1, 2011

L-3 Communications, Grumman: Hack Attack

I'd like to think that most folks running major technology companies in America are a trifle less clueless than Dilbert's manager:

Unhappily, it doesn't take a pointy-haired manager, or executives who think "password1" is a strong password, to have security troubles.

A system like this sounds fairly safe, I think:
"...SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds...."
The SecurID service probably worked pretty well. Until someone hacked into their system. We still don't know exactly what data was stolen, and how it's been used, but whats been happening to American defense contractors suggests that the encryption seeds for SecurID tokens is available to someone with Internet access.

And an interest in classified data about United States weapons systems.

This is not, in my considered opinion, good news. At all.

I've put excerpts from the last two days' news at the end of this post.1

There's probably going to be quite a bit of finger-pointing, as word of this these hack attacks spreads. One of the more sensible points to look into, I think, is why more clients of SecurID didn't change their systems after the original hack?!

Oh, Come On: How Bad Could It Be?

Someone speculated that the control system for Predator drones might be hacked with data that's quite possibly been taken from someone's network. About the best outcome of that might be that the drones wouldn't work at all. Someone with a little piloting skill and the right software might decide to hijack a Predator drone and send it on a new mission.

That, I think, would be bad news. But then, I'm one of those people who don't think that the military-industrial complex and Yankee imperialism is the greatest threat to world peace and spotted owls.

Looking beyond strictly military data, America - and a fair number of other countries - depends on a complex power grid and a telecommunications system for most of what we do every day. Which, for quite a few months each year here in Minnesota, includes keeping the temperature inside above freezing.

Back when the Y2K bug was being dealt with, I evaluated my household's resources. Happily, we didn't get a chance to test this: but I'm pretty sure we would have been okay for at least a few weeks, if the power had failed at midnight, December 31, 1999.2

Then there are nightmare scenarios, like someone getting clever with a pharmacy chain's prescription software. Think Colossus: The Forbin Project meets Dr. Giggles.

Maybe the power grid and phone system crashing in mid-winter wouldn't be so bad, after all.

Related posts:
In the news:

1 Excerpts from the news:
"Top military contractor Northrop Grumman Corp. may have been hit by a cyber assault, the latest in a string of alarming attacks against military suppliers...."

"...Lockheed Martin said its network had been compromised last week, and defense contractor L-3 Communications was targeted recently, as well. Both intrusions involved the use of remote-access security tokens, experts say.

"On May 26, Northrop Grumman shut down remote access to its network without warning -- catching even senior managers by surprise and leading to speculation that a similar breach had occurred...."

"...Charles Dodd, an information warfare consultant with Nisrad Cyber Research Institute, raised a scary possibility: Unmanned aerial vehicles such as the Predator can be controlled by computers. If hackers access those computers, can they operate those deadly drones?

" 'If adversaries get that technology, we may not be the one that controls those weapons,' he told Fox News.

"The network attacks spiral from a security breach in March, when hackers stole information related to RSA's SecurID access keys...."
"An executive at defense giant L-3 Communications warned employees last month that hackers were targeting the company using inside information on the SecurID keyfob system freshly stolen from an acknowledged breach at RSA Security.

"The L-3 attack makes the company the second hacker target linked to the RSA breach - both defense contractors. Reuters reported Friday that Lockheed Martin had suffered an intrusion.

" 'L-3 Communications has been actively targeted with penetration attacks leveraging the compromised information,' read an April 6 e-mail from an executive at L-3's Stratus Group to the group's 5,000 workers, one of whom shared the contents with on condition of anonymity...."

"...Together, the attacks suggest the RSA intruders obtained crucial information - possibly the encryption seeds for SecurID tokens - that they're using in targeted intelligence-gathering missions against sensitive U.S. targets....

"...SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds...."
2 No 'survivalist' stuff: the water heater holds a pretty good supply of water, and the basement could be sealed off. It would have been cold and dark, though.


Brigid said...

I remember actually looking forward to Y2K. Then again, my imagination had it looking like a movie.

Brian H. Gill said...


Your mother and I, although we made contingency plans for Y2K, did not worry about it. I suspect our lack of emotional involvement in the situation, coupled with dramatic reporting in news media, contributed to your perception.

It would have made an interesting - and quite literally dark - disaster flick.

Unique, innovative candles

Visit us online:
Spiral Light CandleFind a Retailer
Spiral Light Candle Store


Note! Although I believe that these websites and blogs are useful resources for understanding the War on Terror, I do not necessarily agree with their opinions. 1 1 Given a recent misunderstanding of the phrase "useful resources," a clarification: I do not limit my reading to resources which support my views, or even to those which appear to be accurate. Reading opinions contrary to what I believed has been very useful at times: sometimes verifying my previous assumptions, sometimes encouraging me to change them.

Even resources which, in my opinion, are simply inaccurate are sometimes useful: these can give valuable insights into why some people or groups believe what they do.

In short, It is my opinion that some of the resources in this blogroll are neither accurate, nor unbiased. I do, however, believe that they are useful in understanding the War on Terror, the many versions of Islam, terrorism, and related topics.