The cyber security firm's portable password generators were duplicated
Posted 06.07.2011 at 3:25 pm
8 Comments
RSA SecurIDs
br1dotcom via Flickr
Yet another wrinkle in the ongoing flood of cyber security stories emerging over the past couple of weeks: RSA Security--maker of those little keychain tokens that generate constantly changing passwords for users logging into secure networks--is offering increased security monitoring and the complete replacement of SecurID tokens to nearly all of its customers after evidence emerged that the recent cyber attack on Lockheed Martin was perpetrated in part using data stolen from RSA.
That’s something of a massive recall. RSA’s SecureID tokens add a second layer of protection to employees’ static passwords via a keyfob-like device that displays a second numeric password necessary to log on. That password changes every 30 seconds, ensuring that even if someone steals an employee’s regular password, the perpetrator still won’t be able to access a secure server without possession of the SecureID token.
Related Articles
Tags
Technology, Clay Dillow, cyber defense, cyber security, defense, lockheed, military, rsa securityThe letter also admitted that data stolen from RSA was used to breach Lockheed Martin’s networks (specifically, the hackers used duplicates of the SecureID tokens issued to Lockheed employees).
That doesn’t bode particularly well for RSA or for American corporations’ cyber defense abilities on the whole, seeing as cyber security is RSA’s bread and butter and its core competency. Considering its SecureID tags are employed by millions of corporate workers--including those at various other defense-related companies--this latest revelation isn’t exactly welcome news for anyone (except the hackers who got away with it). RSA is now scrambling to replace tokens and offer additional security monitoring for its non-defense-related clients.
[WSJ]
8 Comments
To comment, please Login.
Popular Tags
Technology
|
|
|
|
|
|
July 2013: The Future Of Flight
The incredible innovations, like drone swarms and perpetual flight, bringing aviation into the world of tomorrow. Plus: today's greatest sci-fi writers predict the future, the science behind the summer's biggest blockbusters, a Doctor Who-themed DIY 'bot, the organs you can do without, and much more.
.jpg)
Popular on Popsci
Most Commented
Technology
- Green Light For Plan To Build World's Tallest Building At Record Speed
- Why The U.S. Won't Dare Kill Edward Snowden With A Drone Strike
- U.S. Government Uses Early Knowledge Of Microsoft Bugs For Spying
- Congress Was Not Really Briefed On PRISM
- A Concise History Of The NSA's Online Spying Program PRISM
- Counterpoint: The U.S. Could Totally Kill Edward Snowden With A Drone Strike
- Who's More Powerful, China Or The United States? [Infographic]
- Why Government Phone Spying Is Really About Big Data
- Watch This Insane Helicopter-Bike Fly Around
- Designers Spruce Up The Government's Crappy PowerPoint
Most Emailed
Technology
- Scenes From Asia's First 3-D-Printed Fashion Show
- A 3-D Printed Fashion Show Inspired By Birds
- Counterpoint: The U.S. Could Totally Kill Edward Snowden With A Drone Strike
- How Surveillance Has Evolved In The United States [Timeline]
- A Brief History Of The Demise Of Battle Bots
- Nursing Home Tracks Residents' Every Move
- Researchers Can Now "Hear" The Exact Shape Of A Room
- Designers Make City Noise Actually Sound Good
- All Of America's Waterways On One Map [Infographic]
- The 6 Most Important Things We Learned From Edward Snowden's Guardian Q&A
Most Viewed
Technology
- Scenes From Asia's First 3-D-Printed Fashion Show
- A 3-D Printed Fashion Show Inspired By Birds
- Counterpoint: The U.S. Could Totally Kill Edward Snowden With A Drone Strike
- How Surveillance Has Evolved In The United States [Timeline]
- A Brief History Of The Demise Of Battle Bots
- Nursing Home Tracks Residents' Every Move
- Researchers Can Now "Hear" The Exact Shape Of A Room
- Designers Make City Noise Actually Sound Good
- All Of America's Waterways On One Map [Infographic]
- The 6 Most Important Things We Learned From Edward Snowden's Guardian Q&A
Online Content Director: Suzanne LaBarre | Email
Senior Editor: Paul Adams | Email
Associate Editor: Dan Nosowitz | Email
Assistant Editor: Colin Lecher | Email
Assistant Editor: Rose Pastore | Email
Contributing Writers:
Kelsey D. Atherton | Email
Francie Diep | Email
Shaunacy Ferro | Email
Today on PopSci.com
.JPG)
Copyright © 2012 Popular Science
A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.
100 bucks says China's behind attack. wouldn't be the first time ^-^
cyber-punk reality is becoming more and more real every day. Net Cowboys!
it was some foreign country i can tell you that
I don't understand why don't we disconnect all defense computers from the internet completely. Cyber attacks are only going to get worse. I was under the impression Darpa created the first version of the internet. Is it feasible to create an entirely new military network with different protocols that is not connected to the internet? Hacker's would be unfamiliar with the new system plus they don't have an access point to break in.
@J.G.
A computer doesn't have to be connected to the internet to be breached. There was a security breach a while ago at the Pentagon (I think) that was caused by a worm in a flash USB drive.
@J.G.
Creating an autonomous network solely for defense networking is a great idea, as long as, you don't plan on sending data overseas. Creating a super secret protocol to send over existing infrastructure or using satellites to communicate with offices/units in other countries still leaves a locked door to be picked by hackers. The only way to keep data truly safe is to plan to never share or store it. There is no such thing as an unhackable system, there is no such thing as impenetrable security.
But even if there was an autonomous defense network the physical cables would still provide some access via the substations. You know your nation's cyber security is in bad shape when the security companies are hacked.
We need to get the drop on China before they start producing new fighter aircraft.
Ha! The government can't seem to catch a break. It's because they centralize too much of their information, making it easier for hackers to focus their attacks. But hey, at least they tried to do something different by using password manager devices. I use MyLOK personally. But if they had them manufactured in China, then they should've seen a security crisis coming. The boomerang effect of outsourcing.