RSA: Cyberattack could put customers at risk

ronjor · Mar 17, 2011

by Elinor Mills

Information about RSA's SecureID authentication products was stolen during an "extremely sophisticated cyberattack" and customer implementations of the security technology could be compromised, the company said today.

"Recently, our security systems identified an extremely sophisticated cyberattack in progress being mounted against RSA," Executive Chairman Art Coviello, wrote in an open letter to customers, which was posted on the company's Web site.
Click to expand...

http://news.cnet.com/8301-27080_3-20044455-245.html

JRViejo · Mar 18, 2011

RSA warned its customers yesterday that its network had been breached and data had been stolen that could affect customers using its popular SecurID token authentication technology. Although details are scarce, here's what we know so far.
Click to expand...

What the RSA breach means for you (FAQ) by Elinor Mills.

Dermot7 · Mar 31, 2011

"Details about the recent cyber attacks against security firm RSA suggest the assailants may have been taunting the industry giant and the United States while they were stealing secrets from a company whose technology is used to secure many banks and government agencies." :

http://krebsonsecurity.com/2011/03/domains-used-in-rsa-attack-taunted-u-s/

chronomatic · Apr 2, 2011

RSA's refusal to provide any information about this attack should make anyone who uses their products think twice about it in the future. Their customers apparently aren't important enough to let in on what actually happened and how much risk they face.

MrBrian · Apr 2, 2011

RSA/EMC: Anatomy of a compromise

chronomatic · Apr 3, 2011

MrBrian said:

RSA/EMC: Anatomy of a compromise
Click to expand...

Some of the facts as written by Mr. Rivner:

The first part of the attack was a spear-phishing attempt aimed at non-high-profile targets. The information on the targets was most likely mined from social networking sites. All it took was one of the targeted employees who was tricked into opening an attached Excel spreadsheet.

The Excel spreadsheet contained a zero-day exploit targeting an Adobe Flash vulnerability.

The exploit added a backdoor and installed a remote administration program.

The malware then captured credentials for user accounts in order to compromise higher value targets.

Click to expand...

So a low level employee opening a phishing e-mail leads to a multi-million dollar compromise? What idiots thought up their security policy? These non-critical machines should have *no* access whatsoever to critical infrastructure where trade-secrets are stored. These machines should have been air-gapped so that Jane Doe secretary's crappy XP machine doesn't have access to the keys to the kingdom. There's no excuse for it.

Come on RSA, just come clean: what did the attackers get? The deafening silence is making more and more people feel like SecureID is completely broken and utterly useless. I'm not a SecureID user, but I would be thoroughly ticked off about this if I were.

Log in or Sign up

RSA: Cyberattack could put customers at risk

ronjor Global Moderator

JRViejo Super Moderator

Dermot7 Registered Member

chronomatic Registered Member

MrBrian Registered Member

chronomatic Registered Member

Log in or Sign up

RSA: Cyberattack could put customers at risk

ronjor Global Moderator

JRViejo Super Moderator

Dermot7 Registered Member

chronomatic Registered Member

MrBrian Registered Member

chronomatic Registered Member

Useful Searches