October 12, 2011
RSA Security Pins Attack On Nations
EMC's security division said on Tuesday that two groups from the same country teamed up to launch a sophisticated attack against RSA Security's systems in March and stole information on its SecurID tokens.
Senior RSA executives said on Tuesday that unspecified information gained during the attack paved the way towards an unsuccessful attack against a defense contractor.
"Two groups were involved in the attack," Thomas Heiser, RSA Security president, said during a keynote during the RSA Conference in London on Tuesday. "Both are known to authorities but they have never worked together before."
"The attack involved a lot of preparation," he added.
SecurID is used by thousands of large organizations to help authenticate staff. The company said in June that it would replace SecurID tokens for nearly all of its customers.
The security arm of EMC used forensic examination to draw conclusions about the origin and purpose of the assault on the systems.
RSA executive chairman Art Coviello said "one group was very visible and one less so."
"We've not attributed it to a particular nation state," Coviello said at the conference. "However with the skill and degree of resources involved it could only have been a nation state."
Heiser downplayed what exactly happened and how it affected customers of its flagship SecurID two-factor authentication technology.
"There was one attack on RSA," he said at the conference. "The information taken from the RSA attack was a vector in one other attack, which was thwarted. We know of no other attack.
"We killed the attack while it was still in progress and communicated rapidly with our customers as much as we could tell them."
On the Net: