About the Lockheed Martin Hack

As first started leaking last week, Lockheed Martin seems to have been hacked.

Last weekend was bad for a very large U. S. defense contractor that uses SecureID tokens from RSA to provide two-factor authentication for remote VPN access to their corporate networks. Late on Sunday all remote access to the internal corporate network was disabled. All workers were told was that it would be down for at least a week. Folks who regularly telecommute were asked to come into nearby offices to work. Then earlier today (Wednesday) came word that everybody with RSA SecureID tokens would be getting new tokens over the next several weeks. Also, everybody on the network (over 100,000 people) would be asked to reset their passwords, which means admin files have probably been compromised.

What seems to have happened is hackers used information gotten in the RSA Data Security hack to try to break Lockheed’s own security–basically, Lockheed noticed that hackers were trying to use the keys they stole in March to open a bunch of locks at Lockheed. Lockheed appears to have discovered the effort and in response, started shutting down remote access on parts of its network.

Lockheed Martin, the Pentagon’s No. 1 supplier, is experiencing a major disruption to its computer systems that could be related to a problem with network security, a defense official and two sources familiar with the issue said on Thursday.

Lockheed, the biggest provider of information technology to the U.S. government, is grappling with “major internal computer network problems,” said one of the sources who was not authorized to publicly discuss the matter.

[snip]

The slowdown began on Sunday after security experts for the company detected an intrusion to the network, according to technology blogger Robert Cringely. He said it involved the use of SecurID tokens that employees use to access Lockheed’s internal network from outside its firewall,

[snip]

Loren Thompson, chief operating officer of the Lexington Institute, and a consultant to Lockheed, said the company monitored every node on its vast global computer network from a large operations center in a Maryland suburb near Washington, D.C.

“If it sees signs that the network is being compromised by outsiders it will shut down whole sectors of the network to protect information,” Thompson said.

He said Lockheed had advanced networking monitoring tools that gave it a “much better understanding of their systems’ status than most other organizations, including the Department of Defense.”

In other words, Lockheed may have prevented a much bigger breach into their own systems. But the assumption of many is that other companies might not have noticed what Lockheed did. Stories on this hack all feature a list of other defense contractors–like Boeing and Raytheon and Northrup Grumman–who “decline to comment,” which might mean they’re scrambling to address the same problem Lockheed is, only trying to do so without all the bad PR.

Now, most observers of this hack have suggested that the hackers–who might work for a state actors or some other sophisticated crime group–were after Lockheed’s war toy information (which partly explains why you’d ask Lockheed’s aerospace competitors if they’d been hacked too). But remember that Lockheed does a lot for the government besides build planes. Of particular note, they’re a huge NSA contractor. Maybe the hackers were after info on jet fighters, or maybe they were after the data and data collection programs our own government hides from its own citizens.

Which is all a reminder that, amidst the sound and fury directed at WikiLeaks (which after all shared important information with citizens who deserved to know it), there’s a whole lot more hacking we don’t learn the results of, hacking that either might result in others adopting our lethal technologies, or in third parties stealing the data we’re not even allowed to know.

Now, granted, Lockheed has far far better security than DOD’s SIPRNet does. At least they’re trying to protect their data. But it’s not clear they–or their counterparts–are entirely successful.

image_print
  1. BoxTurtle says:

    Don’t be too hard on Lockheed, the source of this problem is at RSA

    Anybody who uses RSA is now is exposed, Lockheed is just one that we know of.

    This is an example of “security by obscurity” and why such techniques will eventually fail. The hackers didn’t steal the “keys”, they stole the directions on how to make their own key for anybody.

    RSA can’t easily fix this by just re-releasing their tokens. Nor will it be fixed easily by just changing passwords.

    If you can’t publish your algolrithm to the world, it ain’t secure. But then the government wouldn’t have their backdoor, either.

    Boxturtle (PGP, properly implemented, can only be broke with brute force)

    • emptywheel says:

      Oh, I didn’t think I was being harsh on Lockheed. I meant to be harsh on all the other silent contractors who seem not to know whether they’ve been compromised or not–or who aren’t telling.

      • BoxTurtle says:

        The problem is those RSA hard tokens are everywhere. There are very few places that allow outside access that don’t use them, they were considered the standard.

        For those who haven’t seen one, they’re pretty simple. They’re set up like a key fob and there a display that shows a 6 digit number that changes every 30 seconds. You sign on with your userid and whatever number is currently displayed. The back end takes your userid, looks up the hard key serial number assigned to you, syncs, and determines if you entered the right number. You can’t use anybody else’s token.

        Boxturtle (The hackers now know how to generate that 6 digit number for any hardkey)

        • PJEvans says:

          Sounds a lot like the remote-access dongles that some of the people I work with have. (My employer is careful about handing those out: you actually have to have a need for remote access. I’ve never needed it.)

  2. SaltinWound says:

    Even if there were no hacking, the scale of domestic spying seems so large, that there must be many private contractors with access to secrets even Congress is not allowed to know. And not all of them are American. I have no reason to trust the private contractors who are in on whatever is going on, whether they are hacked or not.

    • emptywheel says:

      Well, I think some of our state based enemies are better at HUMINT. Others are good enough at hacking the HUMINT is probably gravy (presumably, what they get via hacking probably helps them recruit human agents).

      But yeah, it at some point it raises key question about who does and does not know its secrets.

      And there’s the larger question of the integrity of our little capitalist system. Presumably there is as much parallel hacking of less-secure computers that profoundly questions the claims made in the market.

  3. PeasantParty says:

    If you can’t publish your algolrithm to the world, it ain’t secure. But then the government wouldn’t have their backdoor, either.

    I was just thinking on similar lines. It would be some sweet justice to find out that the UNpatriot Acts of NSA and such were the hackers. I don’t know, but I really am just beyond belief of anything our government says or does at the moment. I’m constantly thinking and looking in the opposite directions because of all the known unknowns of the nonsecret secrets which are to be and stay unknown secrets! I’m telling ya, it’s the craziest thing ever!

  4. stryx says:

    To further your point:

    BOSTON, Feb 16 2011(Reuters) – Lockheed Martin Corp (LMT.N) will begin making control rooms for nuclear power plants produced by General Electric Co’s (GE.N) joint venture with Hitachi Ltd (6501.T), the companies said on Wednesday.

    http://www.reuters.com/article/2011/02/16/ge-lockheed-nuclear-idUSN1629427520110216

    Raytheon Co. will develop new nuclear material warning technology for the Homeland Security Department under a multi-year contract that could be worth as much as $2.9 million.

    The award calls for Raytheon Integrated Defense Systems to develop standoff warning against radiological materials (SWARM) technology to help spot and stop the illegal movement of nuclear material across United States land borders.

    http://washingtontechnology.com/articles/2008/11/19/raytheon-to-build-nuclear-warning-system-for-dhs.aspx

    LONDON – April 18, 2011 – Northrop Grumman Corporation (NYSE:NOC) will highlight a range of its products and capabilities dedicated to civil defence, national security and resilience at the Counter Terror Expo 2011 conference and exhibition being held in London.

    http://www.irconnect.com/noc/press/xml/nitf.html?d=219049

    It’s actually kind of difficult to tell the difference between civilian and military businesses.

  5. fatster says:

    Just a footnote for those interested:

    10 Companies That Make Billions from the U.S. Government

    Of a total reported in 2010 of $142.94B Lockheed-Martin came in at $35.9B.

    From the article:

    “In Lockheed’s 2010 annual report, the company notes that it derive 84% of sales from U.S. Government customers and 15% of sales to foreign governments.”

    LINK.

  6. xyno says:

    Yeah, the folks at RSA certainly know that security through obscurity isn’t.

    And given that, a back door seems about the only plausible reason for doing it.

    • BoxTurtle says:

      Not at all. They may have a really cool method that they simply don’t want to make public for fear of the competition taking it and using it. It’s tougher to enforce a patent if something is public domain. Consider it RSA’s Coke formula, it IS their business.

      Or it was. It’s been decyphered, and it’s going to have to change.

      Boxturtle (If it is a backdoor, look for USG to quietly cover RSA’s legal exposure)

  7. Gitcheegumee says:

    Total Number of Security Clearances Still Unknown
    May 27th, 2011 by Steven Aftergood

    The precise number of persons who hold security clearances for access to classified information was supposed to be reported to Congress by the Office of the Director of National Intelligence for the first time in February 2011. But that total number, which is believed to be around 2.5 million, remains elusive and it still has not been provided.

    At a December 1, 2010 hearing of a House Intelligence Subcommittee, John Fitzpatrick, director of the ODNI Special Security Center, toldRep. Anna Eshoo that the precise number of clearances would be revealed early this year.

    “We have a special data collection to provide a definitive answer on that in the February 2011 IRTPA report,” he said, referring to a report required under the 2004 Intelligence Reform and Terrorism Prevention Act. (“How Many People Have Security Clearances?”, Secrecy News, December 14, 2010).But when the February 2011 IRTPA report (pdf) was publicly released this month, in response to a Freedom of Information Act request, the promised number was not included.

    An ODNI spokesman said that the number will still be provided, but it will be transmitted in a different report pursuant to the Intelligence Authorization Act of 2010 (section 367), which specifically required disclosure of the total number of clearances.

    Total Number of Security Clearances Still Unknown | Secrecy NewsMay 27, 2011 … The precise number of persons who hold security clearances for access to classified information was supposed to be reported to Congress by …
    http://www.fas.org/blog/secrecy/2011/05/total_clearances.html – Cached►

    Secrecy NewsTotal Number of Security Clearances Still Unknown. May 27th, 2011 by Steven …
    http://www.fas.org/blog/secrecy/ – Cached – Similar

  8. AitchD says:

    Evidently the government’s perverse logic and obsessive compulsion about security intends to outlaw privacy: privacy is perceived as the worst threat to security.

  9. MadDog says:

    I’ve mentioned how the largest corporations and federal agencies are really, really shitting ginormous bricks regarding this hack before (here and again earlier, here), but with EW’s post today, I wanted to explain just how really ginormous this probably is.

    This isn’t about some kiddie hacker trying to find a way into Lockheed like a teenager stealing a carton of smokes from your local 7 Eleven.

    Consider what has really occurred here and the level of sophistication and planning it must have required.

    First of all, these folks hacked into one of the, if not the most secure private corporation in the world.

    A corporation whose very lifeblood is security itself! A corporation who makes those very security products that are depended upon by the largest, most sophisticated IT shops in both the private sector and government intelligence agencies in the entire world!

    Now in the case of the RSA Data Security division of EMC whose SecurID token technology was originally hacked and compromised, imagine the sophistication and planning that must have taken place to accomplish that feat.

    A kiddie hacker would break into a site and typically meander aimlessly through tens of thousands upon tens of thousands of directories and files looking for neat stuff to play with or steal. Think again of a teenager ripping off a carton of smokes from 7 Eleven.

    In the case of RSA, from what has been publicly reported, these folks knew exactly where to find RSA’s crown jewels, and knew how to bypass every single level of security at RSA (the world’s top security corporation) in order to steal those very crown jewels.

    It’s like stealing the Mona Lisa from the Louvre! Bypassing metal locks, infrared motion detectors, sound detectors, etc. and then, knowing exactly where the Mona Lisa is hanging.

    The very best bank robbers don’t just dynamite and blow a hole in a bank to grab the cash. Instead the best bank robbers know exactly when the big cash payday will be inside, know exactly how to surreptitiously get inside the bank without the public or bank security personnel ever hearing or seeing them, know every security system in place and how to disarm it, know how the safe is made (12 inches of hardened steel made by Safeco Safe company), and most importantly, the very best bank robbers know and plan how to get safely away!

    Therefore, one must think of the RSA breakin as having that same high level of sophistication and planning.

    These folks knew in advance exactly what they wanted and knew in advance down to the most minute detail, exactly where to find it, and exactly how to get it.

    So when one reads the “no big deal spin” coming out about the Lockheed hack, one also must take these public pronouncements by both Lockheed itself, and its main customer, the US government, with considerable amounts of skepticism.

    I’m betting in the case of Lockheed (and most other sophisticated hacks), the initial object is not to immediately make off with all of the crown jewel stuff, but instead to plant and install hidden secretive software (keyloggers, robotic-like control software programming, etc.) that can bypass or overcome all security and access controls, and then sneak those crown jewels out over a period of days, weeks, and months, if not years.

    Lastly, in both the case of the RSA hack and the Lockheed hack, neither could be effectively accomplished without inside information!

    Methods might include bribing employees (or former employees), acquiring detailed system architectural specifications, identification of system and employee vulnerabilities, and all the other necessary sophisticated stuff to get in and get out with the crown jewels.

    Mark my words! The RSA and Lockheed hacks were not kid’s play! And ginormous bricks are really, really being shitted by our largest corporations and federal agencies!

    • marksb says:

      Yeah, that’s my take, Oceans Eleven as applied to hacking the top secure system around. Two things though,

      It is very possible that the first breach was to find out what’s there and what extra security exists within. It is possible that the breach was detected before significant information was compromised. If I read between the lines,

      “If it sees signs that the network is being compromised by outsiders it will shut down whole sectors of the network to protect information,” Thompson said.

      …then it’s very possible that the initial attempt to breach was detected and the system shut down hard. It is also possible that they are trying to cover their asses, but assuming they’re speaking the truth, then maybe the info wasn’t comprimised.

      The other thing I agree with you is that this means the whole RSA security system is null & void. One hopes that the smart thing to do was done all along–assume a possible breach and design a ready-to-implement system to take over. Further, since the keychain system has been around for a good number of years, it’s possible that a replacement system has been designed and might be close to ready to rollout.

      I’d love to know the inside story of how the system was hacked, the players and the details.

      • MadDog says:

        …It is very possible that the first breach was to find out what’s there and what extra security exists within. It is possible that the breach was detected before significant information was compromised…

        I don’t disagree regarding the Lockheed hack, but the RSA hack was another critter altogether.

        A couple things come to mind. One, the RSA hack got the crown jewels. Two, a copy of those RSA crown jewels might have been sold on the underground market to one set of hackers (state or criminal/spy organizations) for the Lockheed hack, and also sold, or will be sold, over and over again to other sets of hackers (state or criminal/spy organizations).

        The Lockheed hack seems to be less sophisticated, and less well planned.

        If one truly had the RSA keys to the remote access kingdom, and one knew the total security and crown jewel layout of the target, then it would be possible to steal the crown jewels without the target ever being aware of it.

        To further highlight what EW wrote:

        …But the assumption of many is that other companies might not have noticed what Lockheed did…

        It may be that other targets don’t even know they’ve been compromised. And may never know.

      • MadDog says:

        …The other thing I agree with you is that this means the whole RSA security system is null & void. One hopes that the smart thing to do was done all along–assume a possible breach and design a ready-to-implement system to take over. Further, since the keychain system has been around for a good number of years, it’s possible that a replacement system has been designed and might be close to ready to rollout…

        If the RSA hackers were smart enough and well-informed enough to steal RSA’s crown jewels, I’d wager there is a high probability that they were smart enough and well-informed enough to steal RSA’s replacement crown jewels.

        Might be a wise stock market play to sell EMC/RSA short because they may be toast.

        • marksb says:

          Agree about the other members of the system not having the wisdom and detection tools to see the initial or early system breaches. And if the breach is skilled enough and the RSA key is correct, it won’t even be seen as a breach. This is really akin to the Coocoo’s Egg situation, which was back In The Day of Decwriters and VAX’s, but the point is the same–if you don’t have a detection system that watches every single login, dynamically, you *will* get hacked. And that no matter how tight your security system is, you have to prepare for the team smarter than your team.

          As far as RSA system being toast, the big underlying problem is that the strategic and tactical implementation plan to replace it–across the thousands of users and projects and systems that rely on the RSA system to perform their mission-critical tasks–takes years. It’s a huge, overwhelming program; it would take months at minimum to just plan the implementation, making a huge assumption that a replacement system is designed, tested, and approved. And having second thoughts since my previous comment, I would be very surprised if there’s a working/tested/approved system waiting in the wings. More likely a bid will have to be initiated and systems designed, tested, chosen, and approved–again, years.

          Ugh.

          • MadDog says:

            …I would be very surprised if there’s a working/tested/approved system waiting in the wings. More likely a bid will have to be initiated and systems designed, tested, chosen, and approved–again, years.

            Ugh…

            Yup! Double ugh! *g*

            And in the intervening months or years, thousands of companies and government organizations have a major increase in their vulnerability to remote access intrusions.

              • MadDog says:

                The same folks who always pay for everything — us!

                When banksters lose “their” profits from new debit card processing fee limitations, who do you think those banksters are going to tap to make “their” profits whole?

                When drug companies get slapped with federal fines for conspiring to keep prices high and “their” profits get cut, who do you think they are going to tap to make “their” profits whole?

                Name me any enterprise that doesn’t pass on its costs to consumers?

                Us rubes always pay.

                • fatster says:

                  It’ll probably double that amount we paid them (whether we liked it or not–others determine how our tax dollars will be used) in 2010 (see Comment 8).

          • emptywheel says:

            As I Cringely, who may have been the first to report on the Lockheed hack pointed out, this paragraph from the NYT says a lot:

            Mr. Lewis, the security specialist at the Center for Strategic and International Studies, said the intruders had been detected as they were trying to transfer data by security software provided by the NetWitness Corporation, a company that provides network monitoring software. In April, NetWitness was acquired by RSA’s parent company, EMC.

            • marksb says:

              Makes sense. From the earliest days network analysis and management programs (the “sniffer”) were the tool of choice for hacking. Netwitness’s wiki page says

              Since the spinout, NetWitness has brought to market a suite of products to support deep, real-time network situational awareness, agile network response and expand their patented NetWitness NextGen™technology.

              Which is what you want. Deep meaning we can look at all the data including source and destination, real-time meaning we see it here-and-now, situational I think means it can adapt to the data content (key words and the like), and agile probably means the same thing only with “turn on a dime” shift in analysis programs depending on the content sensed.

              This is the kind of thing we’ve talked about around here IRT domestic data mining and analysis (the secret ATT room gig). Again, it backs up MadDog’s contention that these are pros–this ain’t no kiddies hacking from the basement. We were dreaming of stuff like this ten years back to provide Telecoms with “lawful intercept” capability.

      • emptywheel says:

        Right, but that’s Lockheed, right. Either only Lockheed has the crown jewels that these people are after (unlikely), or some other people didn’t notice the people knocking at their door.

      • marksb says:

        It would take a team of considerable skill and knowledge, with inside information, and considerable time. While that could be a state-sponsored entity, it also could be an Ocean’s Eleven-type group, though probably not as good-looking as Clooney, Pit, and Damon. The $ rewards, if successful, could be huge.

      • MadDog says:

        I agree with marksb. Smart, well-informed and sophisticated team with inside info on the RSA hack.

        I don’t know whether it is a state-sponsored entity like China’s Department of State Security (MSS) or Russia’s Foreign Intelligence Service (SVR), or some lesser group of folks, but I’m guessing whatever the group, the US is throwing considerable national security/counter-intelligence resources to identify and apprehend the culprits.

        If we were talking about volcanoes and their scale, the RSA hack would be no piddling Mount St. Helens, but a Krakatoa instead.

      • emptywheel says:

        Precisely. There are people out tehre making that badly mistaken assumption. But not only has Anon NOT claimed credit (which they normally do), but this is just an entirely different animal than what Anon does (besides, Anon was busy hacking PBS).

        Which is sort of my point about Wikileaks (I think Anon is more dangerous than Wikileaks, but sort of goes for them to). If all these reasonably well-intentioned people can hack at will, then presumably the state actors and organized crime entities w/a lot more formal coordination/horsepower directed at their targets can hack at will too. In a sense, we should be grateful that WL makes visible what presumably goes on in much more massive, dangerous fashion invisibly.

  10. DWBartoo says:

    Among other things, Lockheed Martin is the world’s largest military contractor … it was created in 1995 with the merger of the Lockheed and Martin Marietta companies, it grew to its cuurent scale by acquiring 18 “heritage” companies with much of this merger activity being directly subsidized by DoD …

    “LockMart enjoys a very close relationship with the United States Government and has invested in that realtionship in many ways including (but hardly limited to) helping politicians get elected…

    …LockMart is not just a factor in elections but in lawmaking as well…

    …It has spent more on lobbying than any of its competitors over the last five years of record …”

    Information from the Los Alamos Study Group.

    • DWBartoo says:

      “In addition to making weapons Lockheed’s vast information technology (IT) systems sort the mail for the US Postal Department, cuts Social Security checks … count the census, total taxes, process Medicare and Medicaid applications … and run space flights.”

      • DWBartoo says:

        “In the late 1990’s Lockheed extended it reach into state and local governments, joining the ‘gold rush’ of child support, human services, and welfare privitization contracts.”

      • MadDog says:

        I worked with Lockheed/Martin Marietta back in the mid 80s, and even at that time, they were heavily involved with our intel agencies including the CIA, NSA, DIA, the now called NGA, FBI and others.

        Back then, Lockheed/Martin Marietta was also a leader in biometrics for both security and military purposes as well.

        Fingers in almost every US government intelligence and military pie!

        • DWBartoo says:

          I wondered if you had an “inside” insight, Mad Dog.

          I’ve been watching LockMart since before the big merger and have to say that LockMart’s “revolving door” has swept ’round an number of “notables”, it is one of the big ones, accomodating the likes of Lynne Cheney, who was on the Board of Directors from 1994 until mere days before Dick Cheney’s inaguration …

          Others have included:

          Gordon England, former President of General Dynamics which merged with LockMart, England was appointed Acting Deputy Secretary of Defense, replacing Wolfowitz, England also Deputy Secretary of Homeland Security.

          Stephen J. Hadley, replaced Condolezza Rice as National Security Adviser, he also was a partner in Shea & Gardner, a DC law firm which represents LockMart.

          E. C. “Pete” Aldridge, a LockMart Board member, a former Under Secretary of Defense for Acquisition, Technology, and Logistics, and a former Secretary of the Air Force who signed off on Lockheed Martin’s F-22 just 30 days before joining LockMart’s board …

          And so on and so forth …

          DW

          • Gitcheegumee says:

            Sourcewatch has some interesting background on Lockheed,also,including a whistleblower lawsuit,among other things.

            Is it just me, or is it beyond ironic that a firm’s name containing both the words “lock” and “heed” should have security breaches?

  11. Gitcheegumee says:

    Regarding the use of purloined ,classified info to “best” competitors’ trade secrets,consider this :

    May 24, 2011 01:21 PM Eastern Daylight Time

    $6.64 Billion Damages Sought over Israeli Government and AIPAC Use of Stolen Classified US Trade Data

    WASHINGTON–(BUSINESS WIRE)–Today the Section 301 Committee of the US Trade Representative formally received a petition demanding $6.64 billion in compensation for US exporters. In 1984 US exporters were urged to submit business confidential data about their prices, market share, internal costs and market strategy to the International Trade Commission. The USTR guaranteed confidentiality and compiled the data into a classified report for use in negotiating the US-Israel Free Trade Agreement.

    The Israeli government obtained the classified USTR report and passed it to the American Israel Public Affairs Committee to use in lobbying and public relations. Declassified FBI investigation files in the petition reveal AIPAC’s legislative director made illicit duplications before returning the report by order of the USTR. The FBI interviewed Israeli Minister of Economics Dan Halpern who admitted obtaining the classified document and giving it to AIPAC.

    According to the petition Israel unfairly leveraged the business confidential data stolen from US corporations and industry groups to create new export oriented industries to penetrate the American market. Israel thereby gained an unwarranted systemic advantage. The US-Israel FTA is an anomaly among all bilateral FTAs in that it principally benefits the foreign party, providing a destination for 40% of Israel’s exports. The petition claims it is now a private industry funded foreign aid program. In 2010 the US Israel FTA produced an $11.2 billion US deficit in goods trade. Over a decade the US deficit has averaged $7.09 billion per year. The cumulative US-Israel deficit in current dollars since 1985 is $80.9 billion.

    Analysis of all other US-bilateral FTAs reveals that they do not deliver a systemic advantage to either partner. In 2010, the US had a $31.43 billion total surplus with its other bilateral FTA partners, though in 2006 and 2007 these same agreements produced a narrow US deficit.

    $6.64 Billion Damages Sought over Israeli Government and AIPAC Use …May 24, 2011 … Billion Damages Sought over Israeli Government and AIPAC Use of Stolen Classified US Trade Data.
    classic.cnbc.com/id/43155320 – Cached

  12. jpmaz says:

    From personal knowledge of “closing barn door after horse has bolted” action taken last year at another major household name defense contractor, I expect that these security breaches are probably widespread. In the case of the US based multinational I know of, they managed to keep it out of the news.

    The resulting internal scrambling to update their security was notable to me for the precise way a hitherto extremely cost conscious organization was throwing cash at desperate measures. The only criteria around the “money is not an object” efforts struck me as being consistent with government rules rather than their internal culture.

  13. JohnLopresti says:

    The ifB*s Mueller faces a twelfth year vote in the senate, where Grassley plans close scrutiny; Bridgewater, the world*s largest hedgefund keeps Comey who reportedly declined a presidential offer recently, to become Mueller*s replacement. Comey left Lockheed one year ago. Many folks at Bridgewater (Fairfield, CT) think it is an average business environment, except an anonymous person from its IT dept. All of which is only nonhacker gloss, except that Comey appears to have had an average sensibility about timing his swansong at the prominent defense contractor last year.

    Something about Lockheed*s past FCPA record of scandal in Japan also came to mind, and a parallel possibility that the Fukushima II snarled works might have an IT extension, i.e. a backdoor spawned in the fairly recent rsA debacle.

  14. wmd1961 says:

    What I’ve read is this is a corporate breach, not a breach of classified information. It will cost Lockheed (read taxpayers) money in lost productivity as workers drive to work, etc. And it could lead to financial information that has security implications – budgeting for Program X is so many billion dollars tells something about Program X.

    Companies cannot allow VPN access to classified information – it has to be physically secure. Not that the DoD did all that well at physically securing SIPRnet terminals, what with the sticky note passwords and all.

    Lockheed Martin is the Cadillac driving welfare queen of all time.

  15. yellowsnapdragon says:

    Hmm. Here’s an interesting tidbit from National Corruption Index’s profile of Li Ka-Shing.

    In 2004, foreign hackers broke into the network at Sandia National Labs and stole sensitive data. An analyst named Carpenter tracked them down, and they appeared to be the same hackers that broke into Lockheed Martin—who manages Sandia for the federal government. It looked like they were breaking into other secure computer systems across the U.S. government and military, as well. Time Magazine said high-level officials at three agencies told them that the breach was serious, and another source said the FBI is “aggressively” investigating the involvement of the Chinese government. On his own time, Carpenter tracked the hackers from his home computer, and he shared his findings with the FBI. However, Sandia told him to stop immediately, since they only cared what happened on their computers. They ultimately fired Carpenter, and he filed a civil suit against them for defamation and wrongful termination.

  16. yellowsnapdragon says:

    And there’s this:

    NetWitness also employs Shawn Carpenter, a cyber security specialist fired by Sandia National Labs after notifying the FBI that hackers based in China had penetrated the servers on the network where U.S. nuclear weapons are designed. (Sandia is owned by defense giant Lockheed Martin.) Carpenter is the principal forensic analyst at NetWitness.

  17. orionATL says:

    there’s a whole lot a [hackin’] goin’ on.

    but wikileaks, the apointed bete noir of happy-happy american military and diplomatic policy, doesn’t do hacking, right?

    hackers don’t embarrass american public officials by demonstrating they misjudge and lie

    hackers don’t generally inform citizens of their government’s blunders

    hackers’ don’t usually have a public purpose; purposes are usually “selfish”, right?

  18. marksb says:

    Finally done with work (on Memorial day? Argh!)

    Recently I was looking at the “Square” credit-card reader for the iphone/ipad. Very cool, very simple and wonderfully functional.

    I was thinking about a small biometric detection device along these lines, maybe an eye scanner, or a fingerprint reader.

    These devices are available now, cheap, and could readily create a stop-gap security system that could be running in less than a year, maybe less, including the initial setup (done at a secure facility to establish the biometric UID).

    A tighter biometric & key system could be developed over the next year for extreme security.

    Just a thought.

  19. bobschacht says:

    Well, it’s late on a holiday weekend, all the threads are winding down, and no one wants to respond to my comments at the end of the DiFi thread, so before EW posts another diary, please forgive this digression.

    Why is it that MSNBC turns from producing respectable news shows during the week into 24/7 murder, rape, mayhem and prisons on the weekend? Is this some Jekyll/Hyde thing, or what? To look on the bright(?) side, it forces me to expand my vision watching CNN and then, when I’ve heard all their news stories at least twice, to C-SPAN, where I am occasionally edified by something unexpected and interesting. Or better yet, to watch sports– which I only do under certain conditions (if a favorite team is on, or playoffs, etc.)

    Anyway, I hope everyone has had a great weekend and is ready to resume the fight tomorrow.

    Bob in AZ

    • marksb says:

      Hey Bob, in case you drop back in here, as I understand it, news divisions are expensive to run, especially if you run them well. Having a few stars and their small staffs for the evening shows is relatively cheap. I’m betting the cops-and-prison stuff on the weekend is spec’ed/bought from private producers, who run a writer, camera, editor, small staff and non of it on the MSNBC payroll, so it’s cheap.

      And, while I don’t understand it at all, it would seem there’s an audience for this crap.

  20. bobschacht says:

    Another question: What is it about the Constitution?
    The Tea Party folks claim to revere it, and frequently complain about various acts that they see as unConstitutional. We here also complain about abuses of the Constitution, but apart from some congruence between Rand Paul and Ron Wyden on the Patriot Act, we seldom see eye to eye.

    Some of us had hopes for Obama as a Constitutional scholar, which seem quickly to have been dashed. Annette Gordon-Reid, author of a forthcoming book on President Andrew Johnson was on C-SPAN tonight, and made an off-hand comment about the Constitution as though she was somewhat indifferent to it– at least, she was not interested in granting it quasi-religious status. I think there’s some of that in Obama, too. Maybe Black scholars have a different take on the Constitution than Whites. After all, Whites used the Constitution against Blacks for the first 75 years of our country, and then in another way as an agent of oppression for another 100 years, the Civil War notwithstanding. And secondarily, I think Obama perceives that the Tea Party people want to use the Constitution against him. So there’s some kind of racial tension about the Constitution, I think, that must be understood in order to understand Obama’s attitude towards upholding and defending the Constitution of the United States.

    Bob in AZ

  21. The Tim Channel says:

    What’s the worse that could happen? Most likely this will just make it harder for us to win the next war we shouldn’t have started in the first place.

    Enjoy.

  22. lysias says:

    NSA’s two missions are : (1) SIGINT, signals intelligence, i.e., the derivation of intelligence through the interception of signals; and (2) COMSEC, communications security, i.e., protecting the U.S.’s own communications from interception by foreign powers.

    Looks like NSA has failed miserably at COMSEC here.