RSA Blames Breach on Two Hacker Clans Working for Unnamed Government

Wired, By Kim Zetter, October 11, 2011

Two separate hacker groups whose activities are already known to authorities were behind the serious breach of RSA Security earlier this year and were likely working at the behest of a government, according to new statements from the company’s president. RSA President Tom Heiser, speaking at the RSA conference in London this week, said that the two unidentified hacker groups had not previously been known to work together and that they possessed inside information about the company’s computer naming conventions that helped their activity blend in with legitimate users on the network, according to IDG news service. Heiser said that due to the sophistication of the breach, “we can only conclude it was a nation-state-sponsored attack.” RSA announced last March that intruders had breached its network and succeeded in stealing information related to the company’s widely used SecurID two-factor authentication products. SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds.  The company was forced to replace SecurID customer tokens after the breach. The attackers gained access to the network after sending two different targeted phishing e-mails to four workers at its parent company EMC. The e-mails contained a malicious attachment that was identified in the subject line as “2011 Recruitment plan.xls.” http://www.wired.com/threatlevel/2011/10/two-hacker-groups-breached-rsa/

Advertisements
  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: