The embarrassing breach of RSA's SecurID product continues to bite the company where it hurts -- its credibility. In the wake of new revelations, RSA will replace security tokens for about half of its SecurID customers.
The unfortunate story began in March, when attackers breached RSA's servers and walked off with data that could be used to compromise the two-factor authentication tokens that 40 million people use to access secure government and corporate networks.
Cyberattacks then started hitting left and right. In perhaps the largest wave in Internet history, Epsilon, Sony, Google, PBS and Nintendo were all hit. Although RSA insists those attacks are unrelated to the March breach, they point to a changing threat landscape that is worrying security researchers, corporations and consumers alike.
Then it got even worse. Amid this wave of attacks, RSA delivered more bad news: on June 2, it confirmed that data stolen from the company in March had been used in an attempted attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed reportedly thwarted the attack.
RSA's Expanded Program
RSA is now moving quickly to rebuild its tarnished reputation. RSA Executive Chairman Art Coviello said in a letter to customers that the attack on Lockheed does not reflect a new threat or vulnerability in RSA SecurID technology. He added that the only confirmed use of the extracted RSA data involved a major defense contractor, which in his view only reinforces RSA's assessment of the attackers' motive.
"We remain highly confident in the RSA SecurID product as the leading multi-factor authentication solution, and we also feel strongly that the specific remediations we have provided to customers will help to deliver the highest levels of customer protection," Coviello wrote. "However, we recognize that the increasing frequency and sophistication of cyberattacks generally, and the recent announcements by Lockheed Martin, may reduce some customers' overall risk tolerance."
He outlined an expanded remediation program that aims to reinforce customers' trust in RSA SecurID tokens and their overall security posture. RSA is offering to replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks. RSA is also offering to implement risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions.
More Breaches Ahead?
Similar to the Google breach in 2009, the recent RSA breach was a defining moment that has forever changed the threat landscape, according to Tom Murphy, chief strategy officer for Bit9. The Google breach raised awareness of China as a significant threat that targets private companies, not just government agencies, he said, and the RSA breach was another reminder of China's powerful cyber-espionage capabilities.
"RSA was the trusted night watchman who held the master key to the front door of companies and government agencies around the world. China may now have stolen the key ring off the night watchman and has presumably started walking in the front door of RSA's customers such as Lockheed, L-3 Communications, and Northrop Grumman -- the worst possible scenario," Murphy said. "China's strategic decision to go after the keys has left security professionals around the world scrambling for an answer. I would expect a weekly breach announcement of similar detail for the next few months."