Defense contractor Lockheed Martin was recently hit with a cyber attack, but is downplaying the notion of any major threat, as is the U.S. Department of Defense.
While little has been revealed in the way of details surrounding the attack, the company says it was able to act quickly and protect critical data. Lockheed Martin released the following statement:
On Saturday, May 21, Lockheed Martin detected a significant and tenacious attack on its information systems network. The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data. As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised.
Throughout the ongoing investigation, Lockheed Martin has continued to keep the appropriate U.S. government agencies informed of our actions. The team continues to work around the clock to restore employee access to the network, while maintaining the highest level of security.
To counter the constant threats we face from adversaries around the world, we regularly take actions to increase the security of our systems and to protect our employee, customer and program data. Our policies, procedures and vigilance mitigate the cyber threats to our business, and we remain confident in the integrity of our robust, multi-layered information systems security.
Headquartered in Bethesda, Md., Lockheed Martin is a global security company that employs about 126,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services. The Corporation’s 2010 sales from continuing operations were $45.8 billion.
Lt Col April Cunningham, is quoted as speaking on behalf of the Defense Department, saying the impact on the Pentagon was “minimal and we don’t expect any adverse effect.”
Today, it’s being reported that the Pentagon has now decided that cyber attacks can be considered acts of war – a subject that will be addressed in its cyber strategy, which will be made public ( in part) in June. The Wall Street Journal reports:
The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks,” said a military official.
Less than half of the cyber strategy will actually be available for public consumption, according to the report. That is, I assume, if they can manage to keep it off Wikileaks.
The subject of cyber attack as an act of war will no doubt see plenty of heated debate in the months to come, but it is clear that recent events have made the subject a much more critical one for discussion and solution.
On a semi-related note, PBS had its site hacked on Sunday, after the airing of a documentary about Bradley Manning (discussed here) as a nod to Wikileaks and Anonymous.