Tweet
Information about RSA's SecureID authentication products was stolen during an "extremely sophisticated cyberattack" and customer implementations of the security technology could be compromised, the company said today.
"Recently, our security systems identified an extremely sophisticated cyberattack in progress being mounted against RSA," Executive Chairman Art Coviello, wrote in an open letter to customers, which was posted on the company's Web site.
"Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products," the letter said.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," Coviello wrote. "We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations."
The company said it has no evidence that other products are affected or that customer or employee personally identifiable data was compromised. RSA did not provide any further information.
SecurID tokens provide an extra layer of security to corporate networks by providing access to networks with a password and a randomly generated number provided by the token devices instead of just a password.
Advanced Persistent Attacks often target source code and other information useful in espionage and involve knowledge of the company's network, key employees, and workings. Attackers use social engineering and exploits hidden in e-mail and other messages to sneak keyloggers and other snooping tools onto employees' computers. Google announced last year that it and other companies had been targeted in such an attack and it later came out that attackers used an unpatched hole in Internet Explorer to get into the company computers. Google said at the time that intellectual property was stolen and that the attacks appeared to originate in China.
RSA representatives did not immediately return calls and e-mails seeking comment.
Powered By WizardRSS.com | Full Text RSS Feed | WordPress Plugin
"Recently, our security systems identified an extremely sophisticated cyberattack in progress being mounted against RSA," Executive Chairman Art Coviello, wrote in an open letter to customers, which was posted on the company's Web site.
"Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products," the letter said.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," Coviello wrote. "We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations."
The company said it has no evidence that other products are affected or that customer or employee personally identifiable data was compromised. RSA did not provide any further information.
SecurID tokens provide an extra layer of security to corporate networks by providing access to networks with a password and a randomly generated number provided by the token devices instead of just a password.
Advanced Persistent Attacks often target source code and other information useful in espionage and involve knowledge of the company's network, key employees, and workings. Attackers use social engineering and exploits hidden in e-mail and other messages to sneak keyloggers and other snooping tools onto employees' computers. Google announced last year that it and other companies had been targeted in such an attack and it later came out that attackers used an unpatched hole in Internet Explorer to get into the company computers. Google said at the time that intellectual property was stolen and that the attacks appeared to originate in China.
RSA representatives did not immediately return calls and e-mails seeking comment.
Powered By WizardRSS.com | Full Text RSS Feed | WordPress Plugin