Lockheed Martin recently suffered a hacking incident. In the days that followed, the NY Times reported that the attack was indeed linked directly to a previous RSA hack, in which still-unidentified information was stolen from RSA. CNET has posted more information and links, and Wired has a blurb about L3.
As I mentioned on Twitter, how much better off would we all be if RSA had divulged full details to the public or affected parties? Were they just going to wait and hope nothing came of whatever was stolen from them?
Of course, with something like this the worst should be assumed, but that’s not a great strategy to tell your boss or use to formulate your budgets and risk postures. No one assumes the worst; if they (or we) did, we’d have far better security initiatives…
I understand they are certainly fixing whatever was broken and replacing what needs to be replaced, but it’s still irresponsible in my book.