RSA executive chairman Art Coviello’s revelation that internal systems at RSA had been the victim of cybercrime, and that the resulting data breach could compromise the authentication capabilities of the SecurID authentication tokens, has rocked the security industry.
RSA, the security division of EMC, released an open letter from Coviello, addressing RSA customers. It read: “Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.”
SecurID tokens are used by tens of millions of users to securely log into online banking and enterprise networks over the internet.
The industry has commented on the news, with IronKey speculating on the potential damage this data breach could cause.
“Criminals used an Advanced Persistent Threat (APT) attack to breach the RSA SecurID infrastructure, and can now combine that information with data-stealing malware in order to compromise high value online banking sites,” explained Dave Jevans, IronKey’s founder and chairman.
IronKey said the incident, despite being investigated, threatens the integrity of bank payment services, enterprise remote access and government systems.
RSA Security did not take up its right to reply at the time of press.














