RSA SecureID hackers are linked to a third military contractor hack

HACKERS MIGHT HAVE ATTACKED a third US military contractor, again using cryptographic identity key data they might have obtained from RSA Security earlier this year.

A source within Northrop Grumman told Fox News that the firm shut down remote access to its network at the end of last month and conducted a complete domain name and password reset. In a statement, the company didn't confirm that it had been hit with a cyber attack, but didn't deny it either.

If this latest hacking incident is confirmed, it will be the third large military contractor in a week that has been said to have suffered an attack, with Lockheed Martin and L-3 Communications being the other two firms to have reportedly encountered hacking attempts.

Speculation is rife that a breach of RSA's SecureID tokens earlier this year was the source of the trouble, with attackers having made off with data relating to the two-factor authentication software back in March.

Graham Cluley, security consultant at Sophos said in a blog post, "RSA hasn't been forthcoming about the precise details of what was taken when they were hacked."

"But now that a third military contractor appears to have suffered as a consequence, there will be many firms keen to hear more details of how they should protect themselves." µ