Lockheed Martin Confirms it Came Under Attack

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Lockeed Martin has now confirmed the rumors that the company did come under attack over the weekend. In the story we posted yesterday (here), the company had refused to comment. Today's article also provides us with quote of the day "the internet has gotten scary."

All of this is yet another example of how the Internet has gotten scary in recent years. The knowledge and capabilities to launch attacks on the systems and networks used in sensitive military work, as well as the industrial systems that control the machinery required for modern life, have made such systems increasingly tempting targets for people who want to have an impact.
Click to expand...
 
in this day and age you'd think they'd have certain ...I don't know... sensitive... materials not accessible at all from the outside
 
sfsuphysics said:
in this day and age you'd think they'd have certain ...I don't know... sensitive... materials not accessible at all from the outside
Click to expand...

I'm sure all they got was the lunch schedule and invoices for replacement parts. There is absolutely no reason to put sensitive data on a system connected to the internet. Anyone who does something like that should be sent to prison for criminal negligence.
 
errr can you not unpulg yourself from the internet and and dont put classified stuff on pc's? Bin laden did why cant we ?
 
Dear Programmers

Stop writing shitty programs full of bugs that can be exploited by hackers.
 
Spooony said:
Dear Programmers

Stop writing shitty programs full of bugs that can be exploited by hackers.
Click to expand...

How about you learn how to program well enough to not write programs that are not buggy. There are way to many variables to create one set of code for millions of users and it be lock tight from bugs. Some of the best coders work for multiple software companies and still cannot write good enough code to not be buggy on someones machine. It's not as easy as you think.

Think about this... For every person that is the smartest in their field... There is someone smarter than them.

Just my .02 about people complaining about "Shitty Programmers."
 
Show of hands it was the Chinese or one of it's associated proxies like DPRK, Iran, Pakistan, etc.
 
The disturbing thing is that Lockheed Martin develops security systems for the military. They're probably the biggest player in military software systems. The attack should not have been successful in any regard.

The fact that they attacked LM pretty much has China written all over it. This is a bad thing, because we cannot outspend China on technical talent. We have an advantage in technology and massive military power, but with these espionage and electronic warfare trends, neither of those advantages will be reliable.
 
WozniakMac said:
Think about this... For every person that is the smartest in their field... There is someone smarter than them.
Click to expand...

Except for the smartest person who, by definition, is smarter than everyone else.

As far as the story is concerned, this is really high up there on my "meh" scale. Lockheed, as a corporation, is not using 100% in-house applications. The vast majority of the software they use (counted in total number of installations) is probably no different than what the public uses, so of course there are going to be a ton of holes. It's more than likely not worth the extra cost to develop proprietary systems for the computers the secretaries are using. The only reason this is a story is because of the type of work the company does, but as long as protocol was followed and some employee didn't randomly save classified docs on one of the insecure networks, then I don't see this being that big of an issue.

Now if China hacked into some of our field communication systems...
 
From what I have read, this has nothing to do with a Lockheed Martin-designed security system and everything to do with an exploit of some sort available for a security system to do with VPN access, whose technology is wholly owned by RSA.

So, I expect some security changes would be coming soon to that system..
 
I see america falling behind in the digital arms race -- here if a genius programmer/kid/recluse pulls a great hack, he gets locked up in prison and called an evil person.

Over in China it probably gets you all sorts of job offers.

Sucks when your system gets compromised - instead of breaking some guys door in and beating him up and locking him away -- you want him to be on YOUR side. Cyber crime like this is only going to get worse, what are we supposed to do when the best and brightest are in prison fighting off rape?
 
collegeboy69us said:
I see america falling behind in the digital arms race -- here if a genius programmer/kid/recluse pulls a great hack, he gets locked up in prison and called an evil person.

Over in China it probably gets you all sorts of job offers.

Sucks when your system gets compromised - instead of breaking some guys door in and beating him up and locking him away -- you want him to be on YOUR side. Cyber crime like this is only going to get worse, what are we supposed to do when the best and brightest are in prison fighting off rape?
Click to expand...

Then you open the flood gates of nerds hacking more and more screaming where is my job yo? All the while the DOD and other agencies are fighting off losers looking for jobs as opposed to real threats.
 
the real threat here is if they accessed the files of someone who ran personnel of one of their facilities or something and were able to use the hacked info to physically access a lockeed building and enter into a section with classified material... scary stuff
 
heatlesssun said:
Easier said than done.
Click to expand...

True. Ms wait for a malware to cause havoc before they release a patch for a update. They don't release a patch when they get informed bout the exploit. Hate to mention this again and my appoligies but they but the one exploit Stuxnet used a security mag told ms nine months before it happened about the exploit. They didn't patch it up. It wouldve have stopped it but still how many other sources used that exploit for smaller stuff to their advantage
 
next-Jin said:
Then you open the flood gates of nerds hacking more and more screaming where is my job yo? All the while the DOD and other agencies are fighting off losers looking for jobs as opposed to real threats.
Click to expand...

what do you mean. Its the national governments doing the hacking and creating the advance malware these days. And RSA was hacked aswell btw. That's not a hacker that's a government org doing that. Same with Comodo being hacked. Iran.
 
think someone like AiR (who cracked iLok) could break something like the RSA ??
 
Imaulle said:
think someone like AiR (who cracked iLok) could break something like the RSA ??
Click to expand...

do you think a guy in china can create a piece of malware who's drivers are signed by Jmicron and Realtek, contains 4 zero day exploits and encrypts its payloads on windows and on a PLC?
 
you guys have it all wrong.... it was sony who hacked them in order to get all the press off themselves o_O
 
Spooony said:
do you think a guy in china can create a piece of malware who's drivers are signed by Jmicron and Realtek, contains 4 zero day exploits and encrypts its payloads on windows and on a PLC?
Click to expand...

Except we already have an extremely good idea of who wrote that one, and who supplied the funding for it.
 
Spooony said:
True. Ms wait for a malware to cause havoc before they release a patch for a update.
Click to expand...

This simply isn't true, at least not in all cases. For example the Code Red flaw in Windows from a decade ago was patched months before the actual Code Red attack proliferated. And there are plenty of other examples of attacks coming after flaws were corrected in Windows.

Software security involves more than just defect-free code, which impossible under current circumstances. Security requires due diligence by system users as well. It's no different than physical security. A lock that isn't locked by negligence of the user cannot be blamed on the lock's manufacturer.
 
Sony should take security lessons from this, assuming what LM said about customer data not being compromised is true.
 
I like it, you hack the gov you get a military boot to the side of your head or up your ass
 
You must log in or register to reply here.
Back
Top