The Commonwealth Bank of Australia (CBA) will continue to use its fleet of SecurID tokens as it works through discussions with RSA, following a recent security breach that saw compromised tokens used in an attack on US-defence contractor, Lockheed Martin.
(Credit: Luke Hopewell/ZDNet Australia)
The bank told ZDNet Australia today that it has implemented "an additional layer of security" as discussions progress.
"As a security measure, we've put in additional security, and we continue to talk to RSA since [the breach]," it said.
While the bank declined to go into more detail around the extra layer of security that it had implemented, it said that it continues to monitor all secure systems for potential breaches around the clock.
"The tokens are only one part of a multi-layered security process," the bank said.
RSA executive chairman Art Covielloreportedly admitted yesterday that the company will replace SecurID tokens "for virtually every customer we have".
ZDNet Australia contacted other banks for an update on their RSA SecurID procedures, including ANZ Bank and HSBC; however, neither had offered a response at the time of publication.
RSA revealed in April that the SecurID token system had been put at risk after a staff member inadvertently ran an Excel document that took advantage of an Adobe Flash vulnerability, installing a backdoor into the company's system. From there, hackers launched an "extremely sophisticated cyber attack", according to RSA, where information was extracted from the company's systems.
RSA said yesterday that it is set to expand the replacement and remediation program for its customers, citing an increasingly unsteady security landscape.
"An unprecedented wave of cyber attacks against varied and high-profile targets such as Epsilon, Sony, Google, PBS and Nintendo have commanded widespread public attention. These attacks are totally unrelated to the breach at RSA, but point to a changing threat landscape and have heightened public awareness and customer concern," Coviello said yesterday in an open letter.