Cyber villains strike Lockheed

The continuing meltdown in IT security, as witnessed by the latest incident: situation critical or head in the sand?

Read time 4min 10sec

Just a few weeks after the massive cyber breach at Sony comes news that Lockheed Martin has been the target of what the company describes as a 'significant and tenacious' cyber attack.

In response to the attack, Lockheed Martin has apparently instructed everyone within the company to reset all their IT passwords and has issued 90 000 replacement RSA SecureID tokens to employees - more on that later.

Although the Sony breach is - so far - the world's biggest cyber theft of customer data, its implications are perhaps not as significant as the 'intrusion' at Lockheed - this attempted cyber theft is a crystal clear indication of where corporate cyber crime is heading.

In comparison to Sony, Lockheed has very few customers. Only a limited number of organisations are in the market for fighter aircraft, networked satellite communication systems and Trident missiles. The make-believe world of PlayStation warfare is a lot different to that of the USA's top defence contractor. In comparison to Lockheed, Sony has very few significant trade secrets.

Secrets and lies

Corporate trade secrets would seem to be the hottest property on the cyber black market. The market is apparently saturated with stolen consumer data - the type of data nicked from Sony that aids the plain vanilla cyber crimes of credit and identity fraud.

If it starts filtering into the market, the mega-stash of Sony's customer data - perhaps 100+ million records - will probably only accelerate the decline of a market that was in free-fall anyway. The market for corporate secrets may be smaller, but it it's a lot more lucrative.

In the past few years, research and commentary about corporate cyber crime has repeatedly said that stolen consumer data is so widely available on the cyber black market that it's motivating the more organised and sophisticated villains to target corporate secrets.

This would seem to make perfect sense - what's the value of some stolen credit card data in comparison to the blueprints for, say, a Trident missile?

Savvy scoundrels

People don't need to be criminologists to understand that villains move with the times. Holding up a horse-drawn money wagon with some pointy sticks and Maid Marion at your side went out of a fashion a while ago.

The market for corporate secrets may be smaller, but it it's a lot more lucrative.

Mark Eardley is channel manager at SuperVision Biometric Systems.

In 2005, a Brazilian bank experienced one of the biggest cash robberies of all time - about $70 million in used banknotes went missing down a tunnel dug into the vault. But how's this - the cyber theft at Sony will cost the company $100 million more than that mega-heist.

Sony says it expects to spend at least $171 million in direct response to its cyber burglary. Who knows what the rest of the costs will be in terms of possible legal action against it, lost revenue, lost customers and the ongoing restoration of stakeholder trust?

If I was Sony, I'd rather have been robbed by the old-fashioned tunnel-into-the-vault brigade...

I'm pretty sure that's how the directors of the French bank Societe Generale must have felt in 2008 when a rogue insider abused colleagues' passwords to make unauthorised futures trades that ended up costing the bank R45 billion.

What about the financial impacts at RSA, the security division of EMC? Having been the victim of a March 2011 cyber heist that targeted secrets about its two-factor IT authentication product, SecureID, it seems the cyber villains are starting to reap some rewards from the data they stole.

Since the intrusion at Lockheed is reported to have been based on an attempted exploitation of SecureID, it's probably going to be a bad work-day at RSA if more lawyers from the likes of Lockheed get on the phone.

With over 40 million SecureID users at 30 000 organisations, who's to say what type of data is being targeted - and possibly being stolen - by cyber-savvy villains who are looking to exploit SecureID's PIN-based IT access solution?

And what was the RSA cyber theft based on? Incredibly, the company's own public evaluation of the attack says it was rolled over by the routine exploitation of employees' passwords.

If it comes down to tunnelling into a vault or sitting in front of keyboard, which route are the smartest, most determined and freedom-loving villains going to take?

After all, instead of pneumatic drills and thermic lances, all that is needed is a password or a PIN. If they want to wear stockings over their heads and call themselves Ned Kelly, well, that's entirely up to them.

Mark Eardley

channel manager at SuperVision Biometric Systems.

Mark Eardley has worked in the South African biometrics industry since 2006. He has directed the marketing for a local biometric brand and is currently responsible for business development at SuperVision Biometric Systems, South Africa’s oldest biometric specialist.

See also