Skip to main content

RSA SecurID hit by hackers

In an open letter to RSA customers, executive chairman Art Coviello said the company had recently identified an extremely sophisticated cyber attack in progress being mounted against RSA's SecurID two-factor authentication products.

Open Letter to RSA Customers

Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA. We took a variety of aggressive measures against the threat to protect our business and our customers, including further hardening our IT infrastructure. We also immediately began an extensive investigation of the attack and are working closely with the appropriate authorities.

Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.

We have no evidence that customer security related to other RSA products has been similarly impacted. We are also confident that no other EMC products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident.

Our first priority is to ensure the security of our customers and their trust. We are committed to applying all necessary resources to give our SecurID customers the tools, processes and support they require to strengthen the security of their IT systems in the face of this incident. Our full support will include a range of RSA and EMC internal resources as well as close engagement with our partner ecosystems and our customers’ relevant partners.

We regret any inconvenience or concern that this attack on RSA may cause for customers, and we strongly urge you to follow the steps we’ve outlined in our SecurCare Online note. APT threats are becoming a significant challenge for all large corporations, and it’s a topic I have discussed publicly many times. As appropriate, we will share our experiences from these attacks with our customers, partners and the rest of the security vendor ecosystem and work in concert with these organizations to develop means to better protect all of us from these growing and ever more sophisticated forms of cyber security threat.


Sincerely,
/s/ Art Coviello
Art Coviello
Executive Chairman

Popular Posts

How to stop FortiClient from starting automatically?

Installed FortiClient recently but the challenge in disabling the application/service from running automatically on every start-up annoyed me. Attempt to stop 'FortiClient Service Scheduler' only return 'Parameter is incorrect' error message.

An article on Technet help solve my trouble. To stop FortiClient from starting automatically, try the following:
Shut down FortiClient from the system tray.
Run net stop fortishield on command prompt.
Run msconfig.
On msconfig, switch to the Services tab. Clear the FortiClient Service Scheduler check box and click Apply.Run services.msc on command prompt to open up show all available services.Look for FortiClient Service Scheduler. Switch Startup type to Manual.Restart your computer. FortiClient should not be running automatically the next time round. Hope it helps.

Ho Ching named 5th most powerful and is mistaken as first lady by Forbes

Forbes named Singapore Prime Minister wife and CEO of Temasek Holdings, Ho Ching, as the 5th most powerful woman in the world. Ho Ching is mistaken as Singapore's first lady! OMG!

I wonder how can Forbes makes such a blunder. For a complete list, refer to here.

Speech by Mr Inderjit Singh on Population White Paper

People's Action Party MP, Mr Inderjit Singh, debated on the Population White Paper and put up his point across that he is against his own party's 6.9m projected population. I applaud his courage to stand up against the party whip and for his fellow Singaporeans.

His key points are;

Slow down immigration and focus on resolving all issue related to the past population boom.We can live with a slightly slower growth (not zero or slow growth) and hence moderate dependence on foreigners.Use the Dubai model to complement our local workforce with foreign workforce, but don’t grant them PRs – ie a transient workforce.Abandon the 6.9m figure by 2030, this will be another rapid growth which we cannot handle.Solve Singaporeans problems first and also don’t give PRs same privileges as citizens.
As published on Mr Inderjit Singh's Facebook status, the full speech made in the parliament is as below:

Speech by Mr Inderjit Singh, MP for Ang Mo Kio GRC
On the White Paper on Population


Madam S…