SecurID tokens that are widely used as part of a two-step authentication procedure may have been compromised. RSA Security, makers of SecurID and one of the country’s leading security firms, has said that hackers “extracted” data related to SecurID.
In an open letter published on its web site, Executive Chairman Art Coviello said the company’s security systems recently identified “an extremely sophisticated cyberattack in progress.” The company said it responded with “a variety of aggressive measures,” conducted an investigation, and has been working closely with authorities.
Advanced Persistent Threat
RSA said the attack, in the category of Advanced Persistent Threat, resulted in certain information being obtained by the hackers — some of it “specifically related to RSA’s SecurID” products. Advanced Persistent Threat is a term that is often related to attacks believed to involve professional, organized hacking, such as from corporate espionage, other countries, or criminal organizations.
RSA, owned by EMC, is one of the world’s leading security vendors, and its customers include banks, the military and other government agencies, and major medical organizations.
“While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers,” Coviello wrote, “this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”
RSA said it is “actively communicating” the situation to its customers, including providing steps that could strengthen SecurID implementation. It recommended that companies monitor their networks, as well as hacker or social-networking sites where confidential data might be distributed. No other RSA products appear to have been impacted, the company said.
‘Breaking Into Fort Knox’
The SecurID two-factor authentication system utilizes a username/password combination, plus an authenticator, which is a small key chain dongle that generates a new six-digit number every 60 seconds. A…
ASUS Eee PC 1015PEM-PU17-BK 10.1-Inch Netbook (Black)Embrace mobile computing in style with the new Asus Eee PC 1015PEM. The 1015PEM packs the latest ATOM CPU from Intel, the Dual Cor…
Dell Inspiron Mini 1018 4034CLB Netbook (Clear Black)The newly designed Inspiron Mini 10 is a lightweight mobile net book that goes anywhere with you, so it’s always easy to check y…
