Welcome!

SYS-CON UK Authors: Salvatore Genovese, Jeremy Geelan, Jamie Matusow

Related Topics: Cloud Security

Cloud Security: Article

RSA Hacked & Compromised

RSA’s security systems identified the attack while it was in progress

EMC’s RSA security unit has been hacked.

RSA executive chairman Art Coviello said in a post that an extremely sophisticated cyber attack resulted in “certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”

He wasn’t more specific, leaving users uncerta



in of their risk level but obviously the number-changing RSA security tokens used to login to sensitive medical, insurance, banking, government and military corporate VPNs are compromised.

The widgetry is used by upwards of 25,000 corporations and 40 million users.

Coviello said RSA’s security systems identified the attack while it was in progress. RSA took “a variety of aggressive measures against the threat to protect our business and our customers, including further hardening of our IT infrastructure” and later identified it as a form of Advanced Persistent Threat (APT).

The company called the cops.

Coviello said RSA is “communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.” He didn’t say what that meant.

RSA doesn’t think customer or employee personally identifiable information was compromised.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.