The December 2022 issue of IEEE Spectrum is here!

Close bar

Last Thursday, Reuters ran a story that the US defense firm Lockheed Martin was experiencing a major disruption to its computer systems because of cyber attack.

The Reuters story said that the attack began the weekend before and indicated that it involved the company's SecurID tokens which allow Lockheed's 126,000 employees "... to access Lockheed's internal network from outside its firewall."

As a result of the attack, Lockheed reset all of its employees' passwords.

You may recall that last March, SecurID, the major two-factor authentication security product of RSA (which is the security division of the EMC Corporation), was itself the target of a sophisticated cyber attack. The attack resulted in SecurID's offering to be partially compromised. SecurID is used by 40 million people and 30,000 organizations worldwide.

In the wake of the attack on SecurID, Lockheed took steps to increase its IT security defenses and lower its reliance on SecurID, as did many other defense and commercial companies.  Steve Winterfeld, cyber technical lead at defense contractor TASC which is deeply involved in IT security, was quoted as saying in the Reuters article:

"You have no idea how many people are freaked out right now [about the SecurID breach] ... TASC is no longer treating the RSA device as if it were as secure as it was beforehand."

The Reuters article started a media feeding frenzy of speculation about what was going on at Lockheed and whether US defense secrets were at risk. The $45.8 billion company makes the F-22 and F-35 stealth fighters, among many, many other classified defense systems.

Helping chum the story was that Reuters used an unnamed defense official as a major source of its information, as well as two other sources who also declined to be identified. Lockheed also wasn't immediately forthcoming about what was going on, nor was SecurID. And a US defense official deciding to go public with the information seemed to indicate that the US Department of Defense wasn't happy about what was going on at Lockheed.

The Reuters story - and further speculation that US defense secrets may have been taken not only at Lockheed Martin, but other defense contractors like BoeingNorthrop Grumman and Raytheon among others - spread like wildfire, which then caused Lockheed to issue a press release late Friday that stated:

"On Saturday, May 21, Lockheed Martin detected a significant and tenacious attack on its information systems network. The company’s information security team detected the attack almost immediately, and took aggressive actions to protect all systems and data. As a result of the swift and deliberate actions taken to protect the network and increase IT security, our systems remain secure; no customer, program or employee personal data has been compromised."

"Throughout the ongoing investigation, Lockheed Martin has continued to keep the appropriate U.S. government agencies informed of our actions. The team continues to work around the clock to restore employee access to the network, while maintaining the highest level of security."

So, was the cyber attack routine - Lockheed, like most government and commercial defense organizations around the world,  gets attacked on a daily basis - or was it something more? The jury is still out, but there does seem to be a sense that the SecurID breach may be more significant than first thought. SecurID is still not talking about the Lockheed issue, at least not yet. 

The Financial Times of London today had a nice explanation of why the IT security community is uneasy about what happened at Lockheed:

"The National Security Agency ...[declared that] ... not long after the RSA attack that the tokens should no longer be deemed sufficient to grant access to 'critical infrastructure'. Defence contractors including Lockheed began requiring employees to put in extra personal passwords."

"Although Lockheed said its programs and customer data had not been compromised in the attack, the breach suggests that the extra passwords were not sufficient to repel hackers, an ominous sign for remote-access systems in defence and other industries."

The Lockheed cyber attack also suggests that it isn't some lone hacker that was involved in the SecurID breach, but more likely a state-sponsored group. Lockheed has some of the most sophisticated IT security defenses around, and it is unlikely that a single hacker would have been able to cause as much disruption to Lockheed's network as has been reported.

Last March, EMC played down the financial impact of the cyber attack on SecurID. That may now be changing.

Raising the story's profile a bit more, there is also a story in today's Wall Street Journal reporting that the US government has decided that certain types of cyber attacks originating from another country can constitute an act of war, and therefore trigger a "traditional" military response from the US.

As one military official in the WSJ article stated it:

"If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

Of course, tracking such an attack as being sponsored by specific country is not especially easy, as this other Reuters story from yesterday points out. And if Lockheed's IT systems had been significantly compromised say by another country, would that warrant US military retaliation?

A story in The Australian says that Australian mining companies are experiencing an onslaught of cyber attacks by persons unknown who are seemingly interested in gaining insights into their corporate decision making and strategic plans. Do cyber attacks that target a country's economic interests constitute an act of war?

What if a major US bank's IT systems were taken out, say in similar fashion to what happened to South Korea's Nonghyup bank by supposedly North Korea?

And how long does a power grid have to be turned off by a cyber attack to start a war? An hour, a day or a week or more?

The WSJ says that the decision to treat certain types of cyber attacks as potential acts of war is part of a DoD cyber strategy policy document which is expected to be made public in the following weeks. I will be interested whether it has answers to these types of questions or not.

The Conversation (0)

Metamaterials Could Solve One of 6G’s Big Problems

There’s plenty of bandwidth available if we use reconfigurable intelligent surfaces

12 min read
An illustration depicting cellphone users at street level in a city, with wireless signals reaching them via reflecting surfaces.

Ground level in a typical urban canyon, shielded by tall buildings, will be inaccessible to some 6G frequencies. Deft placement of reconfigurable intelligent surfaces [yellow] will enable the signals to pervade these areas.

Chris Philpot

For all the tumultuous revolution in wireless technology over the past several decades, there have been a couple of constants. One is the overcrowding of radio bands, and the other is the move to escape that congestion by exploiting higher and higher frequencies. And today, as engineers roll out 5G and plan for 6G wireless, they find themselves at a crossroads: After years of designing superefficient transmitters and receivers, and of compensating for the signal losses at the end points of a radio channel, they’re beginning to realize that they are approaching the practical limits of transmitter and receiver efficiency. From now on, to get high performance as we go to higher frequencies, we will need to engineer the wireless channel itself. But how can we possibly engineer and control a wireless environment, which is determined by a host of factors, many of them random and therefore unpredictable?

Perhaps the most promising solution, right now, is to use reconfigurable intelligent surfaces. These are planar structures typically ranging in size from about 100 square centimeters to about 5 square meters or more, depending on the frequency and other factors. These surfaces use advanced substances called metamaterials to reflect and refract electromagnetic waves. Thin two-dimensional metamaterials, known as metasurfaces, can be designed to sense the local electromagnetic environment and tune the wave’s key properties, such as its amplitude, phase, and polarization, as the wave is reflected or refracted by the surface. So as the waves fall on such a surface, it can alter the incident waves’ direction so as to strengthen the channel. In fact, these metasurfaces can be programmed to make these changes dynamically, reconfiguring the signal in real time in response to changes in the wireless channel. Think of reconfigurable intelligent surfaces as the next evolution of the repeater concept.

Keep Reading ↓Show less