March 18, 2011

Major Security Company Hacked

EMC Corp., the world's largest maker of data storage computers, released a statement explaining that its security division RSA has been compromised and that the hackers used a widely used technology for preventing computer break-ins, the Associated Press (AP) reports.

The intrusion is a major embarrassment to the Hopkinton, Mass. based company. EMC's security division, RSA, plays an important role in prohibiting unauthorized access into heavily guarded networks.

RSA's customers include the military, governments, various banks and medical facilities and health insurance outfits but the extent of the hacking is not entirely known at this time.

The origin of the attack was not specified, but the hacking was, "extremely sophisticated", according to the statement. Infiltrators are believed to have swiped confidential data on RSA's SecurID products. SecurID underpins the ubiquitous RSA-branded "dongles" and other measures that aid important computer networks with an additional layer of protection.

SecurID makes it difficult to break into a computer even, if a password is compromised for example. Working in concert with back-end software, the security hardware generates an additional password that only the holder of the device would know. But the system is at risk if a hacker can reconfigure how those additional passwords are generated.

A filing with the Securities and Exchange Commission (SEC) detailed that RSA was the victim of an "advanced persistent threat," industry jargon for a highly sophisticated computer attack, usually associated with corporate espionage, nation-state attacks, or high-level cyber criminal gangs.

RSA, of the best-known companies providing "two-factor authentication" technology, declined to comment to AP on what type, or how much, information had been compromised.

A security analyst with the IT-Harvest firm, Richard Stiennon told AP that "tremendous repercussions" would be at stake if hackers were able to access critical systems using the stolen information. "You'd never have a sign that you've been breached," he tells AP.

EMC claims to be providing "immediate remediation steps" for customers but did not specify what those might be other than offering generic security tips that offer clues about how its customers might be targeted with the information stolen from RSA.

Some of those tips include closer monitoring of social networking websites by personnel with access to critical networks and the danger of clicking on links or attachments in suspicious e-mails.

RSA detailed in its SEC filing that it is "confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers." However, it warned that "this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."

Executive chairman, Art Coviello explained, "We have no evidence that customer security related to other RSA products has been similarly impacted. We are also confident that no other EMC products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident."


On the Net: