Lockheed Martin Breach Update

Jeffrey Carr has done some good research and blogged about what is known so far regarding the Lockheed Martin compromise.  A very good analysis of what appears to have happened using public informaiton sources, and illustrates some of the contradictory information Lockheed has released.  The extent of the RSA SecurID breach appears to be somewhat worse than EMC has reported and EMC still disclaims its role in this attack.

As Jeffrey points out, Lockheed Martin has a history of significant cybersecurity breaches dating back to Titan Rain in 2003, and the F-35 Joint Strike Fighter program in 2009.  They have never publicly acknowledged the F-35 breach and lost a the lawsuit when a jury awarded a multi-million verdict for wrongful termination in the Sandia National Labs incident.

I will continue to watch this situation, and provide links to what I believe are good articles and information.