Wired reports that L-3 Communications has issued an internal warning to its employees that hackers are trying to access the company networks by using the information about SecurID tokens stolen in the March RSA breach.
The communication, shared by one of the employees, does not include an explanation on how the company knows that cloned SecurID tokens were used or whether the attackers were successful.
Then, only a day later, Fox News came out with the news that Northrop Grumman has likely been targeted by cyber attackers using the same approach. The attack has not been confirmed by the company, but an inside source revealed that on May 26, remote access to the company network was shut down without warning and without an explanation.
"We went through a domain name and password reset across the entire organization," said the source. "This caught even my executive management off guard and caused chaos."
The fact that such actions usually involve an advanced notice across the organization makes the source speculate that it was a network assault similar to that to the other military contractors.