RSA Suffers Fallout Over Hack
In all this talk about hacking, I completely forgot to mention one of the more serious hacks out there. Remember when RSA, who are supposedly the kings of security, got hacked? Well, there has been a lot of fallout over that hack. First, defense contractor Lockheed Martin got hacked using technology stolen from RSA:
On Saturday, Lockheed Martin released a statement confirming the attack, which it described as “significant and tenacious.” But it said its information security team “detected the attack almost immediately and took aggressive actions to protect all systems and data.”
As a result, the company said, “our systems remain secure; no customer, program, or employee personal data has been compromised.”
Hackers reportedly exploited Lockheed’s VPN access system, which allows employees to log in remotely by using their RSA SecurID hardware tokens. Attackers apparently possessed the seeds (factory-encoded random keys) used by at least some of Lockheed’s SecurID hardware fobs, as well as serial numbers and the underlying algorithm used to secure the devices.
That suggests that whoever attacked Lockheed Martin may also have been behind the successful breach in March of EMC’s RSA division, which manufactures SecurID. “Since then, there have been malware and phishing campaigns in the wild seeking specific data linking RSA tokens to the end user, leading us to believe that this attack was carried out by the original RSA attackers,” Rick Moy, president and CEO of NSS Labs, said in a blog post.
That hurts RSA in a number of ways. Not only does their image suffer, but their competition has also seized on this as a means to grab market share:
A recent cyber breach at EMC Corp’s RSA security division and a related attack at defense contractor Lockheed Martin Corp have damaged RSA’s once-stellar reputation, according to industry experts.
That has given companies that sell alternatives to RSA’s SecurIDs, such as Symantec Corp and Vasco Data Security International, more room to try to win customers from EMC.
SecurIDs are widely used electronic keys to computer systems, designed to thwart hackers by requiring two passcodes: one that is fixed and another that is automatically generated every few seconds by the security system.
Symantec is paying new customers $5 for every SecurID they trade in for similar technology from Symantec.
From what I hear, there are a lot of companies taking advantage of that and similar offers from other companies. Another option for companies that are too married to RSA technology to switch is to get their SecurID tokens swapped out for new ones that are not as vulnerable to this sort of attack. But that might not be the cure-all that companies are looking for:
Rick Moy, CEO of security consulting firm NSS Labs, said that it is possible that hackers could have already used that information to break into other companies over the past few months without being detected.
“Resetting those tokens may be too late,” he said. “It’s hard to know. RSA hasn’t provided enough detail for folks to figure out on their own what their risk profile is.”
I would agree with that. I would say that the only way to truly be secure is to dump RSA and go with some other technology, Google Authenticator for example. Since I mentioned Symantec earlier on, you may want to look at their User Authentication solutions as well. Sticking with RSA is likely not a good long-term plan, or a short- or medium-term one for that matter.
In any case, I think we can officially say that RSA is done like dinner. Nobody is going to trust them after this.
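The token mechanics the excerpts above describe (a fixed passcode plus a code regenerated every few seconds from a per-token seed) and Moy's point that resetting the tokens is the remedy, as an added example that is not part of the original post or of RSA's or Google's code. It assumes RFC 6238 TOTP over HMAC-SHA1, the open scheme Google Authenticator uses, as a stand-in for RSA's proprietary SecurID algorithm, and takes its seed from the RFC's published test vectors; it shows that the code is a pure function of seed and time, so a leaked seed is a cloned token, and that only re-provisioning with a fresh seed invalidates it.

```python
import hashlib
import hmac
import struct

# Seed from the RFC 6238 test vectors (ASCII "12345678901234567890"), used here
# as a stand-in for a factory-programmed SecurID seed. Whoever holds this value
# can compute every code the token will ever display.
DEMO_SEED = b"12345678901234567890"
STEP_SECONDS = 30
DIGITS = 6


def totp(seed: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP over HMAC-SHA1: the code depends only on seed and time step."""
    counter = struct.pack(">Q", unix_time // STEP_SECONDS)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    truncated = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % 10 ** DIGITS).zfill(DIGITS)


def verify(seed: bytes, pin: str, submitted_pin: str, submitted_code: str,
           unix_time: int, window: int = 1) -> bool:
    """Server-side two-factor check as the article describes: the fixed PIN
    plus the current time-based code, tolerating +/- window steps of drift."""
    if not hmac.compare_digest(pin, submitted_pin):
        return False
    for drift in range(-window, window + 1):
        expected = totp(seed, unix_time + drift * STEP_SECONDS)
        if hmac.compare_digest(expected, submitted_code):
            return True
    return False


def cloned_token_passes(seed: bytes, pin: str, unix_time: int) -> bool:
    """Fallout modelled: a second device holding only the leaked seed (plus a
    PIN obtained elsewhere) yields a code the server accepts as genuine."""
    return verify(seed, pin, pin, totp(seed, unix_time), unix_time)


def reseeded_token_blocks(old_seed: bytes, new_seed: bytes, pin: str,
                          unix_time: int) -> bool:
    """Remedy modelled: after re-provisioning the user with new_seed, codes
    computed from the leaked old_seed no longer verify."""
    return not verify(new_seed, pin, pin, totp(old_seed, unix_time), unix_time)
```

The PIN only helps if it was never phished alongside the token data, which is exactly the data the campaigns Moy describes were collecting.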
This entry was posted on June 11, 2011 at 9:29 pm and is filed under Commentary with tags Hacked, RSA. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.