China under suspicion in U.S. for Lockheed hacking

WASHINGTON Thu Jun 2, 2011 5:57pm EDT

WASHINGTON (Reuters) - Suspicion that some individual or entity in China was behind a recent cyber attack on Lockheed Martin is growing among experts and agencies looking into the incident.

"It's unclear at this point precisely who conducted the attacks, but given past history with these sorts of things, there's a strong tendency to look east. The Far East, in fact, and a country that not so long ago hosted the Olympics," said one U.S. official who asked for anonymity, but was reluctant to point the finger at China by name.

Official and private U.S. cyber-security told Reuters that forensic tracing of attacks like the one that caused Lockheed temporarily to instruct employees to curb remote access to company networks was notoriously difficult, and that clever hackers usually lay elaborate false trails to cover their tracks.

But a U.S. official familiar with progress on the investigation said there was increasing suspicion the Lockheed hack originated with "someone in China."

Likewise, Google said on Wednesday that it had reason to believe that a hacker attack targeting some of its Gmail account holders appeared to originate in China.

The Chinese government rejected Google's allegations, saying that accusations that China fomented hacking "have ulterior motives" and that it was "unacceptable" for the company to blame Beijing.

On Thursday, Wang Baodong, a spokesman for the Chinese Embassy in Washington said he had nothing to add on the issue beyond "authoritative" denial issued earlier in the day by the Foreign Ministry in Beijing.

Lockheed said in a press statement that on May 21, the company detected what it described as a "significant and tenacious attack" on its networks. The company said it detected the attack "almost immediately," took "aggressive actions" to protect its systems and succeeded in insuring that no data of any kind was compromised.

People familiar with the Lockheed hacking attempt said that hackers managed to get into the defense contractor's networks using data stolen in March by hackers which could be used to reduce the effectiveness of SecureID tokens produced by EMC Corp . The tokens are widely used by companies to give their employees secure remote access to computer networks.

(Reporting by Mark Hosenball and Paul Eckert; Editing by Sandra Maler)

FILED UNDER: