The Federal Bureau of Investigation is leading the investigation of a cyber attack on Lockheed Martin Corp. (LMT)’s computers, a Pentagon official said today.
“The FBI has the lead because it’s a criminal activity,” Robert Butler, the deputy assistant secretary of defense for cyber policy, said in an interview. The probe by the National Cyber Investigative Joint Task Force will determine if the breach was a result of “poor hygiene, if nothing was infiltrated and nothing taken or something more.”
Butler declined to say what actions the Pentagon would take if the investigation showed malicious intent by state or non- state actors. A spokeswoman for FBI declined to comment on the investigation.
Speaking earlier in the day at a forum in Washington hosted by the Center for a New American Security, Butler said the Pentagon determined that the impact of the attack on the Defense Department was minimal, based on information that Lockheed shared with the agency.
Lockheed, the world’s largest defense contractor, said May 28 that its computer network suffered a “significant and tenacious” attack on May 21 that was detected immediately. The Bethesda, Maryland-based company said no customer, program or customer data was lost in the attack.
Lockheed uses a network-access security system produced by Hopkinton, Massachusetts-based EMC Corp.’s RSA unit. RSA bolstered security for clients, including Lockheed, after a network breach in March resulted in the theft of RSA data, a person familiar with the process said May 28.
The remediation involves replacing the SecurID tokens issued by RSA that often expire in three years, said the person, who wasn’t authorized to discuss the matter publicly. The company’s defense-contractor clients, which make missiles, aircraft and other weapons, also include Northrop Grumman Corp. (NOC) and Raytheon Co. (RTN)