Lessons Learned From Lockheed

Wayne Rash
The recent cyber attack on Lockheed Martin turned out to be good news. The largest defense contractor in the U.S. turned out to have a level of security that even the best hackers sponsored by the country behind all of this couldn't break. At this point nobody knows for sure where the attack really came from. There's much speculation about China, because that country threatened Lockheed Martin if it agreed to sell F-16 fighter jets to Taiwan, and China was the source of the last break-in to Lockheed Martin. But this time, nobody knows for sure.

But the bottom line is that for now, the source of the attack doesn't matter. All that matters is that they failed. But in the process of failing, the attackers also demonstrated why really solid security is just as important to you as it is to Lockheed Martin. This is because one of the pathways that the attackers tried to follow was Lockheed Martin's business partners. That didn't work either.

But what this shows is that you could easily become the target of a cyber attack, not because of the secrets you may or may not hold, but simply because of who you do business with. Let's say for example, that one of your customers is a bank. Even though you may not have direct access to the bank's network, cyber criminals may decide to hack into your network to search for information to access the bank, or for login information or some other data that might ease their access. The fact that you may not even possess such information won't stop the cyber criminals from trying.

The result is that your network and your data, and the data of your customers is compromised even if the criminals ultimately fail at getting access to the bank. And you can assume that if these cyber criminals find useful information, they'll still use it, even if it wasn't their primary objective.

The secret is to employ what Lockheed Martin has called a "defense in depth." You can't depend just on passwords, or just on a SecureID token (apparently the exploit attempted by the Lockheed Martin intruders). You have to have additional methods of defense, including encrypted communications, encrypted storage, internal firewalls, routers set so they don't allow anything but the proper MAC addresses to be routed. There are a number of possible steps you can take.

The real key is that you take those steps. It's true that some levels of defense are annoying, but most are transparent to everyone but the IT department. After all, you don't need to worry about an internal firewall if you're supposed to be using systems on the other side of the firewall. You'd only notice it if you weren't supposed to be using them.

The fact is that most of these layers of defense aren't particularly difficult to implement, and they aren't that hard to manage. It just takes a commitment to security to have them in place. And then you'll be protected when the bad guys come calling.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.