RSA: SecurID Hack Tied to Lockheed Attack
RSA Moves to Replace Customers' Multifactor Authentication Tokens
In an open letter from RSA Executive Chairman Arthur Coviello Jr. to SecurID customers posted on its website, the security unit of storage vendor EMC also offered to implement risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions.
SecurID customer Lockheed Martin, the country's largest military contractor that provides IT services to federal defense and civilian agencies, said it discovered on May 21 that its IT systems had been attacked (see RSA SecurID Breach Could be at Root of Network Disruption).
Coviello said RSA confirmed June 2 that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, noting that the defense contractor had thwarted the attack. "It is important for customers to understand that the attack on Lockheed Martin does not reflect a new threat or vulnerability in RSA SecurID technology," Coviello said. "Indeed, the fact that the only confirmed use to date of the extracted RSA product information involved a major U.S. defense contractor only reinforces our view on the motive of this attacker."
The SecurID brand had been damaged by last March's digital assault on RSA (see RSA Says Hackers Take Aim At Its SecurID Products) and the attack on Lockheed Martin. "We recognize that the increasing frequency and sophistication of cyberattacks generally, and the recent announcements by Lockheed Martin, may reduce some customers' overall risk tolerance," Coviello said.
Coviello said RSA will provide additional factors to strengthen its authentication products. "We will integrate these solutions with our cybercrime intelligence to better identify suspicious behavior targeted at networks, transactions and user sessions," he said.