An attack on Lockheed Martin's servers may have been carried out by the same hackers who infiltrated RSA's systems earlier this year, according to security experts.
Reports this week from within Lockheed Martin, one of the world's biggest arms and aeronautics manufacturers, suggest that the company has suffered a major IT breach, and is overhauling its use of the RSA SecureID two-factor authentication system.
Lockheed Martin, which declined to comment to V3.co.uk, has reportedly shut down remote access to its servers after detecting an intrusion earlier in the week. Staff are being told to exchange their RSA SecureID tokens before getting back onto the network.
"This morning (the day before a long holiday weekend), news of a breach at Lockheed Martin was made public," said researchers at NSS Labs.
"There have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end-user, leading us to believe that this attack was carried out by the original RSA attackers.
"Given the military targets, and that millions of compromised keys are in circulation, this is not over."
The target of the Lockheed attack is not known, but the firm is responsible for some of America's most advanced military technology, including the F-22 fighter aircraft and the Trident submarine-launched missile.
"The issue is whether all of the security controls are compromised," James A. Lewis, a senior fellow and specialist in computer security at the Center for Strategic and International Studies, told The New York Times.
"That's the assumption people are making. We don't know what they went after at Lockheed. One possibility is that it's a state actor, but it could also be criminals trying to exploit the company's customers."
Ever since the security breach at RSA, experts have questioned the safety of the firm's two-factor authentication. RSA warned customers that it had suffered an intrusion in March, but has since stayed silent on the issue.
Instapaper to 'go dark' in Europe until it can work out GDPR compliance
James Robbins of ArrowXL says that AI is no longer 'tomorrow's technology'
Staff told to beware of "unusual sounds" after an employee reported mystery symptoms
Sophisticated malware comprises code previously used to attack Ukraine