“Advanced Persistent Threat” Questions RSA SecurID

Lockheed Martin, the world’s largest defense company, first detected an intruder trying to break into its network on May 22.  Intruders apparently created duplicates of “SecurID” electronic keys, used to log into networks, from EMC’s RSA security division.

“Our systems remain secure; no customer, program or employee personal data has been compromised,” Company spokeswoman Jennifer Whitlow of the Bethesda, MD.-based company said. White House spokesman Jay Carney said, “Based on what I’ve seen, they feel it’s fairly minimal in terms of the damage.”

Back in March,  Art Coviello, Executive Chairman of RSA, an EMC Company, said in statement, “the attack is in the category of an Advanced Persistent Threat (APT).  Our investigation also revealed that the attack resulted in certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products.”  He went on to say, “While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”

- – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - -
Global Records Compliance: What You Need to Know
- – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - – - -

Advanced Persistent Threat (APT) is a big deal, usually associated with a nation/state organization level.  If cyber-security threats are on the rise, we want to trace them and the systems being threatened.    EMC is reporting that remediation has been provided in the form of replacing the SecurID tokens.   These memory stick- like units that generate random numbers used in combination with a personal identification number, to gain entry, may have lost the confidence battle:  If intruders get the key, the seed that enables one-time passwords to be generated, then they may have the capability to break into networks that depend on such systems to authenticate users.

In the world of APT’s, confidence tends to be a bigger threat to product life cycles.  If Lockheed throws out the bay with the bath water, and RSA too, this may lead to a new way to manage identities. For the nation’s defense contractors, this may already be happening.

Tek-Tips

, ,

Leave a Reply


*