Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / RSA Says Hackers Got SecurID Data
RSA Security Says Hackers Got Data on SecurID
RSA Security Says Hackers Got Data on SecurID
By Barry Levine / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MARCH
18
2011
SecurID tokens that are widely used as part of a two-step authentication procedure may have been compromised. RSA Security, makers of SecurID and one of the country's leading security firms, has said that hackers "extracted" data related to SecurID.

In an open letter published on its web site, Executive Chairman Art Coviello said the company's security systems recently identified "an extremely sophisticated cyberattack in progress." The company said it responded with "a variety of aggressive measures," conducted an investigation, and has been working closely with authorities.

Advanced Persistent Threat

RSA said the attack, in the category of Advanced Persistent Threat, resulted in certain information being obtained by the hackers -- some of it "specifically related to RSA's SecurID" products. Advanced Persistent Threat is a term that is often related to attacks believed to involve professional, organized hacking, such as from corporate espionage, other countries, or criminal organizations.

RSA, owned by EMC, is one of the world's leading security vendors, and its customers include banks, the military and other government agencies, and major medical organizations.

"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers," Coviello wrote, "this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

RSA said it is "actively communicating" the situation to its customers, including providing steps that could strengthen SecurID implementation. It recommended that companies monitor their networks, as well as hacker or social-networking sites where confidential data might be distributed. No other RSA products appear to have been impacted, the company said.

'Breaking Into Fort Knox'

The SecurID two-factor authentication system utilizes a username/password combination, plus an authenticator, which is a small key chain dongle that generates a new six-digit number every 60 seconds. A software token determines the number that is generated, and, if the hackers obtained token information, they conceivably could re-create the generated numbers.

Both the password and the authenticator's number are required to enter secure environments set up to use this approach, which include VPNs, WLANs, e-mail, Windows desktops, servers and other resources. According to RSA's web site, this two-factor authentication system has a "20-year history of outstanding performance," and it's used by millions of customers.

Laura DiDio, an analyst with industry research firm Information Technology Intelligence Corp., likened the attack on RSA to "breaking into Fort Knox."

She said RSA appears to be providing remediation advice to its customers to the extent that it can, although it's not revealing what was stolen. In any event, DiDio said, this episode is bound to "rattle the confidence of those who have relied on this two-factor authentication."

DiDio said that, in addition to any steps recommended by RSA, this "wake-up call" is a good time for companies to review their security structure.

Tell Us What You Think
Comment:

Name:

me:
Posted: 2011-03-18 @ 11:55am PT
RSA SecureID is so yesteryear. Generate the six digits number on the fly, send it in real time to the user's cell phone and expire it in 60 seconds. The window of opportunity for hackers is greatly reduced. Paypal uses this and banks too. RSA SecureID belongs in a museum.

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY

NETWORK SECURITY SPOTLIGHT
President Trump has banned the U.S. government from using Kaspersky. The Russian cybersecurity company has been accused of -- but denied -- being in cahoots with Kremlin espionage.

CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.