RSA Hacked—Time to Panic For Corporate I.T.?
Network security vendor RSA has announced that they have been the victim of “an extremely sophisticated cyber attack in progress being mounted against RSA”. Specific details of the breach have been limited thus far, but RSA has confirmed that data taken from their network directly pertains to their SecurID two factor authentication products.
The SecurID system is employed by corporations and businesses all over the world as a means of securing access to sensitive business systems both on-site and from remote locations. The keys generated by the system require a user to connect using their username, a personalized PIN number, and a security token generated by SecureID devices. Each token is generated by the user when they begin a connection, and usually remains valid for about 30 seconds. This method has been a cornerstone of system access security for quite some time, but now may be at risk of breach.
If you’ve never seen a SecurID device, they typically appear as a keychain sized box with a small LCD screen that allows an individual the ability to generate personal access codes on demand to connect to business systems. The breach at RSA, while not directly jeopardizing any consumer data, could lead to subsequent attacks on systems that use the device for security.
RSA chairman Arthur W. Coviello Jr. posted an open letter on the company’s website detailing the steps that RSA is taking to mitigate the damage. Unfortunately, at this stage, SecurID customers are forced to rely on their employees to take appropriate steps to safeguard their access information. It’s safe to say that currently nobody knows how or when the hackers will attempt to use the stolen data, but it’s likely they will try.
With many thousands of systems now potentially vulnerable, will security stay in the hands of the individual users for very long? Chances are, at least some corporations will begin to deny access to systems, particularly via remote connection, until the potential for danger can be assessed fully.
In the meantime, the rest of us may need to keep our fingers crossed that any exploits of the stolen data don’t result in any of our own information being stolen for nefarious purposes. Let’s hope the scores of SecurID users out there pay careful attention to exactly who or what is accessing their systems.