CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
June 2nd, 2011

U.S. Government Contractor Northrop Grumman Suspends Remote Network Access, Raising Cyber Attack Suspicions

Northrop Grumman, the second largest U.S. government contractor, has abruptly suspended remote access to its network last week, raising suspicions of a cyber attack.

Fox News quotes a confidential source inside the company who claims the suspension came without any advance notice on May 26.

“We went through a domain name and password reset across the entire organization. This caught even my executive management off guard and caused chaos,” the source said.

The insider also noted that such actions are normally announced in advance, which suggests the decision was the result of a very serious incident that required immediate action.

This latest revelation follows the announcement last week that Lockheed Martin, the largest US government contractor, suspended VPN access and reset all passwords following a cyber attack against its network.

In the Lockheed Martin attack, the hackers used cloned SecurID tokens to get past the company’s defenses. It’s believed the access devices were created with information stolen from RSA Security earlier this year.

RSA, a division of EMC and manufacturer of the SecurID authentication tokens, suffered a security breach in March which resulted in information related to the product being leaked.

The full implications of the breach are not known because RSA has made very little information public. The company shared more details about the incident with its customers but had them sign non-disclosure agreements first.

The SecurID tokens are used by millions of companies around the world, including most of the Fortune 500 ones. The product is also deployed across government agencies.

Before the Lockheed Martin cyber attack was revealed, L-3 Communications, another major government contractor, warned its employees about intrusion attempts that leveraged information stolen from RSA.

“We do not comment on whether or not Northrop Grumman is or has been a target for cyber intrusions. As a leader in cybersecurity, Northrop Grumman continuously monitors and proactively strengthens the security of our networks,” a Northrop spokesperson told Fox.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • US Government Agencies Travel Reservations Website GovTrip.com Compromised By Hackers
  • US Government Contractor ManTech Hacked, Confidential Documents Stolen And Posted Online
  • Lockheed Martin Discovers Network Intrusion, Suspends Remote Access
  • U.S. Military Contractor Booz Allen Hamilton Hacked, Emails And Sensitive Data Exposed
  • White House Network Hacked By Chinese On Multiple Occasions

    • Posted in Breaches And Incidents, Cryptography, Data Theft, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Thursday, June 2nd, 2011 at 5:20 pm and is filed under Breaches And Incidents, Cryptography, Data Theft, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: U.S. Government Contractor Northrop Grumman Suspends Remote Network Access, Raising Cyber Attack Suspicions

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »