Are defence companies secure?

Posted on 31 May 2011 by The Manufacturer

A cyber attack on Lockheed Martin has caused aerospace and defence companies around the globe to review their IT security

Last week aerospace and defence giant, Lockheed Martin, came under a significant cyber-attack from an undisclosed source.

The company reacted quickly on indentifying the breach and has issued statements to reassure stakeholders that no data has been put in jeopardy. A company spokesperson told the BBC: “Our systems remain secure; no customer, programme or employee personal data has been compromised”.

While the extent of the security breach is yet to have been fully established both Lockheed Martin and The Pentagon are confident that security teams have done everything possible to prevent negative impact on operations. Some staff are however, still awaiting renewed access rights after access was restricted in response to the attack.

The importance of security for a company of Lockheed Martin’s size and type cannot be underestimated. As the world’s largest aerospace company it holds data on developing defence technology and established products such as the F-16, F-22 and F-35 fighter jets, which it manufactures.

Last week’s attack is not the first time Lockheed Martin has suffered cyber-attacks. Four years ago hackers invaded data for the high-tech Joint Fighter programme, which UK defence company BAE Systems also supports. Security measures were tightened as a consequence.

Data security over within internationalised systems and, increasingly, across cloud based applications which host information (to varying extents) on the internet are an increasing concern for companies in all sectors as globalisation pushes forward the need to share data across supply networks and widely distributed locations.

Technology supplier, IBM has recently established a new Institute for Advanced Security Europe to help organisations based in the EU understand developing security threats and how to protect against them with secure IT infrastructures. At a dinner to celebrate the launch of the institute last week an IBM representative told TM that companies must consider the “liability” of their data as well as the “workload” being passed across networks when choosing and developing their infrastructures.

Josh Shaul, chief technology officer at New York-based database security company Application Security, said other defence contractors will now be assessing their own measures following the attack on Lockheed Martin.