RSA confirms attack was state-sponsored

RSA confirms attack was state-sponsored

Summary: Following internal investigations, RSA has stated definitively that the security breach on its SecurID tokens was executed by two groups acting on behalf of a single nation. The security vendor, however, did not identify the country behind the attack, a report noted.

SHARE:
TOPICS: Security, EMC
3

Following internal investigations, RSA has stated definitively that the security breach on its SecurID tokens was executed by two groups acting on behalf of a single nation. The security vendor, however, did not identify the country behind the attack, a report noted.

In a Reuters report on Tuesday, RSA chief executive Art Coviello revealed its forensic intelligence indicated that the two groups were well coordinated in executing the breach in March, which signalled one nation state was behind the attack.

"One group was more surreptitious in their approach than the other. Is it possible that one was deliberately a little bit more visible than the other to mask the other? It's possible. We don't know," he said.

The company also stated that it did not know for sure which nation was behind the attack.

As a result of the breach, EMC, which owns RSA, has taken a US$66 million charge for the cost of replacing the compromised tokens. Coviello said in the report that demand for these replacement tokens has "slowed to a trickle" and the company now has a large inventory.

SecurIDs are widely used electronic keys to computer systems designed to thwart hackers by requiring two passwords: one fixed PIN and another six-digit number that is automatically generated by the token, typically every 60 seconds.

The chief executive had written an open letter to customers on 6 June stating that it will offer new tokens to "customers with concentrated user bases typically focused on protecting intellectual property and corporate networks". In addition, it would also implement risk-based authentication strategies such as monitoring and fraud detection services for consumer-facing organisations.

Prior to the announcement of the measures, Lockheed Martin suffered network intrusions that were attributed to the SecurID breach. ZDNet Australia's sister site CNET reported that hackers were said to have broken into the weapons maker's computer systems, potentially gaining access to information about future weapons programs as well as military technology currently in use.

Lockheed subsequently revealed that hackers had used data stolen in the RSA breach and other methods to figure out the coded password of a company contractor, but the weapons maker blocked the attack before any sensitive data could be exposed. China has been also fingered as a possible culprit as the attack was similar to other cyber attacks attributed to the nation, a separate report noted.

Via ZDNet Asia

Topics: Security, EMC

Kevin Kwang

About Kevin Kwang

A Singapore-based freelance IT writer, Kevin made the move from custom publishing focusing on travel and lifestyle to the ever-changing, jargon-filled world of IT and biz tech reporting, and considered this somewhat a leap of faith. Since then, he has covered a myriad of beats including security, mobile communications, and cloud computing.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • The implication being that it was the "big bad Chinese". Well, the Gillard, Cameron and Obama governments have proven to be pure warmongers and fascists, eco-fascist and otherwise, whereas the Chinese and Russian governments have proven that they are committed to defending the general welfare and world peace. What kind of secrets do fascist governments need to protect from the Chinese?
    seanolearyoz
  • I always said in the past that SecureID mechanism is not that secure.
    syampillai
  • Clearly you have no idea @seanolearyoz, do you have friends raised in china? I do and when you cant even own your own land you are never truely free, everyone has a good idea it was china as they do not have a contract with lockheed Martin but have tried for years to get one. Till yo u know 100% who it was no point in a "warmongers and fascists, eco-fascist" Blah Blah rant, sounds like you have been to one to many trance parties!
    monkeyau