Cyber attack shows constant threat to key intel

The attempted hacking of defense contractor Lockheed Martin once again shined the spotlight on the security of the high-tech infrastructure guarding the United States' most closely held secrets.

The threat of attacks by enemies of the United States on the country's cyber security is one that has been known about for years, officials and experts in the field of national security have said.

(Last year, a former chief of U.S. intelligence told "60 Minutes" that the United States was unprepared for cyber attacks.)

Cyber war: Sabotaging the system
Video: Full "60 Minutes" segment
Video: Hacking the D.O.D.

Joel Brenner, who held the title of national counterintelligence executive from 2006 to 2009, told the Reuters news agency Tuesday that not just Lockheed Martin but most large defense contractors, if not all of them, have had their networks breached.

"This has been happening since the late '90s," he told Reuters before referring to China, Iran and Russia, three countries he said are the American government's main suspects of cyber espionage. "They're after our weapons systems and R&D."

That research and development is of interest to the more than 100 intelligence groups the Defense Department says have tried to crack American cyber security, Reuters reported.

(Last year, "60 Minutes" obtained rare video footage showing a Pentagon employee selling secrets to a Chinese spy.)

Caught on tape: Stealing America's secrets
Video: Full "60 Minutes" segment
Video: Sloppy spying

On Saturday, Lockheed Martin said it was the recent target of a "significant and tenacious" hack, although the company and the Department of Homeland Security insist the attack was thwarted before any critical data was stolen.

Lockheed Martin hit by cyber attack

The effort highlighted the fact that some hackers, including many working for foreign governments, set their sights on information that has the potential to be far more devastating than accessing credit cards.

Information security experts say a rash of cyber attacks this year — including a massive security breach at Sony Corp. last month that affected millions of PlayStation users — has emboldened hackers and made them more willing to pursue sensitive information.

"2011 has really lit up the boards in terms of data breaches," said Josh Shaul, chief technology officer at Application Security, a New York-based company that is one of the largest database security software makers. "The list of targets just grows and grows."

Lockheed Martin Corp. said in a statement Saturday that it detected the May 21 attack "almost immediately" and took countermeasures.

"Our systems remain secure; no customer, program or employee personal data has been compromised," the Bethesda, Md.-based company said. Neither Lockheed Martin nor federal agencies would reveal specifics of the attack, or its origins. Company spokeswoman Jennifer Whitlow declined to comment further on the case Sunday.

This isn't the first time Lockheed Martin has been targeted. Nearly four years ago, officials revealed that hackers had breached Lockheed's Joint Strike Fighter program. Officials said no classified information about the military program was compromised, but heightened protections were added.

Analysts said the latest attack would likely spur rival defense contractors like Northrop Grumman Corp., Raytheon Co., General Dynamics Corp. and Boeing Co. to take additional steps to safeguard their systems.

"I guarantee you every major defense contractor is on double alert this weekend, watching what's going on and making sure they're not the next to fall victim," Shaul said.

Boeing declined to comment on the company's network security measures. Northrop Grumman spokesman Randy Belote said in an e-mailed statement that "we do not comment on whether or not Northrop Grumman is or has been a target for cyber intrusions," adding that the company "continuously monitors and proactively strengthens the security of our networks."

Over the past several years, the U.S. government has become more aggressive in its efforts to tackle cybercrime, developing strategies to beef up government computer systems, expand cooperation with other countries and improve coordination with the private sector. President Obama declared cybersecurity a top priority shortly after taking office in 2009, setting off several government-wide reviews to develop strategies to better secure government, business and public online activity.

The Pentagon last May set up a new Cyber Command, based alongside the National Security Agency at Fort Meade, Md., in recognition of the expanding threat against the Defense Department and the need to better coordinate the nation's offensive and defensive cyber operations. The Department of Homeland Security is also slowly employing an automated system — known as Einstein 2 and Einstein 3 — to protect government agencies' computer systems.

(Last month, a former NSA executive talked with "60 Minutes" about complaints he had about the agency after the 9/11 terror attacks.)

The Espionage Act: Why Tom Drake was indicted
Video: Full "60 Minutes" segment
Video: Spies and whistleblowers

Still, the attacks have continued. William J. Lynn III, the deputy defense secretary, said in January that more than 100 foreign intelligence agencies have tried to breach U.S. defense computer networks, largely to steal military plans and weapons systems designs.

China is often pointed to as a source of cyber attacks because a large amount of malware, or malicious software, originates from there. The government denies it is involved but experts say the high skill level of some attacks suggests the Chinese military, a leader in cyberwarfare research, or other agencies might be stealing technology and trade secrets to help state companies.

Meanwhile, attacks against corporations have been growing this year. In March, RSA, the security division of data storage company EMC, acknowledged that its computer network was hacked. The implications are serious because RSA's technology underpins the security of some of the world's most closely guarded data. RSA makes small security devices that supply constantly changing numbers that are used as secondary passwords for accessing corporate networks and email.

Last month, more than 100 million online accounts were affected by the hacking of Sony's PlayStation Network gaming service and other online services.

Companies have gotten better at detecting attacks through so-called "intrusion software" that uncovers odd behavior on networks, said Alfred Huger, vice president of development at security firm Sourcefire. As recently as five years ago, Huger said, it was difficult for companies to even determine if they were being hacked.

Even with enhanced technology to fight cyber espionage, experts say it will continue and evolve.

Rich Mogull, analyst and CEO of Phoenix-based security research firm Securosis, noted that governments and defense agencies have been spying on each other throughout history. Computers have just made it easier to do so electronically.

"This is just what countries do," he said. "It's the unfortunate reality of how the world works."