Yet another wrinkle in the ongoing flood of cyber security stories emerging over the past couple of weeks: RSA Security--maker of those little keychain tokens that generate constantly changing passwords for users logging into secure networks--is offering increased security monitoring and the complete replacement of SecurID tokens to nearly all of its customers after evidence emerged that the recent cyber attack on Lockheed Martin was perpetrated in part using data stolen from RSA.
That's something of a massive recall. RSA's SecureID tokens add a second layer of protection to employees' static passwords via a keyfob-like device that displays a second numeric password necessary to log on. That password changes every 30 seconds, ensuring that even if someone steals an employee's regular password, the perpetrator still won't be able to access a secure server without possession of the SecureID token.
At least that was the idea. Back in March, RSA experienced its own cyber attack, and in a letter issued to customers yesterday it admitted that it has been working behind the scenes ever since to shore up cyber defenses at its defense-oriented clients, as an analysis of the hack at RSA indicated that the perps were seeking information that could be used to breach defense-related companies.
The letter also admitted that data stolen from RSA was used to breach Lockheed Martin's networks (specifically, the hackers used duplicates of the SecureID tokens issued to Lockheed employees).
That doesn't bode particularly well for RSA or for American corporations' cyber defense abilities on the whole, seeing as cyber security is RSA's bread and butter and its core competency. Considering its SecureID tags are employed by millions of corporate workers--including those at various other defense-related companies--this latest revelation isn't exactly welcome news for anyone (except the hackers who got away with it). RSA is now scrambling to replace tokens and offer additional security monitoring for its non-defense-related clients.
100 bucks says China's behind attack. wouldn't be the first time ^-^
cyber-punk reality is becoming more and more real every day. Net Cowboys!
it was some foreign country i can tell you that
I don't understand why don't we disconnect all defense computers from the internet completely. Cyber attacks are only going to get worse. I was under the impression Darpa created the first version of the internet. Is it feasible to create an entirely new military network with different protocols that is not connected to the internet? Hacker's would be unfamiliar with the new system plus they don't have an access point to break in.
A computer doesn't have to be connected to the internet to be breached. There was a security breach a while ago at the Pentagon (I think) that was caused by a worm in a flash USB drive.
Creating an autonomous network solely for defense networking is a great idea, as long as, you don't plan on sending data overseas. Creating a super secret protocol to send over existing infrastructure or using satellites to communicate with offices/units in other countries still leaves a locked door to be picked by hackers. The only way to keep data truly safe is to plan to never share or store it. There is no such thing as an unhackable system, there is no such thing as impenetrable security.
But even if there was an autonomous defense network the physical cables would still provide some access via the substations. You know your nation's cyber security is in bad shape when the security companies are hacked.
We need to get the drop on China before they start producing new fighter aircraft.
Ha! The government can't seem to catch a break. It's because they centralize too much of their information, making it easier for hackers to focus their attacks. But hey, at least they tried to do something different by using password manager devices. I use MyLOK personally. But if they had them manufactured in China, then they should've seen a security crisis coming. The boomerang effect of outsourcing.