Advisory Note: "RSA SecurID – how to act after the hack?" - 70344

Report Details

As reported extensively in the media, hackers in March 2011 successfully attacked the data center of EMC Corp's RSA security division, obtaining copies of security information for RSA's SecurID key fob system, a token-based mechanism for generating OTPs (one-time passwords) in a two-factor authentication approach used extensively by companies and government agencies around the world.

Now two large military contractors, Lockheed Martin and L-3 Communications, have reported that they have been the victims of security breaches based on data obviously stolen from RSA. A third military contractor, Northrop Grumman, also an RSA customer, abruptly shut down remote access to its network and instituted a "domain name and password reset across the entire organization", according to a press statement.

This considerably ups the ante for RSA and its customers, many of whom are rightfully demanding more information and guidance on how they can protect themselves from what is obviously a highly sophisticated group of attackers. Many, including a number of KuppingerCole clients, have been asking whether they can continue to use SecurID or whether they need an alternative.

While RSA understandably refuses to discuss details of the attack (after all, hackers read press releases, too), there can be no doubt that the attackers leveraged a known conceptual weakness of RSA SecurID, namely the central storage of the so-called "seeds" (the per-token secrets from which each one-time password is derived) in RSA's own back end. However, bashing RSA won't help. For customers, the real question is: what can I do to protect my systems and the sensitive information stored on them?

Throwing out SecurID and starting anew is not an option for most user organizations. Short term, a number of organizational measures, such as requiring an additional factor like the user's domain password where feasible, can reduce the risk of attack without the costly replacement of the SecurID tokens in use today. Mid-term, however, customers need to review their authentication strategies with an eye towards a truly versatile authentication approach. The ultimate goal, KuppingerCole believes, is to be able to switch between different authentication mechanisms freely and flexibly without having to modify the applications themselves.
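As an added illustration (not part of this advisory note, and not RSA's code), the Python model below shows why a leaked seed record is sufficient to compute a token's codes, how an independent second secret held only by the customer limits the damage, and how a policy layer lets the application stay unchanged while factors are added or swapped. The token algorithm used here is a generic HMAC-SHA1 time-window code, not RSA's proprietary SecurID algorithm; the 60-second window, the serial number, seed, user record and password are constructed assumptions for the example.

```python
"""Added example, not from the KuppingerCole advisory or from RSA.

Models (1) why possession of the vendor's seed database lets an attacker
compute a token's one-time codes, (2) how a second secret that lives only
at the customer limits the damage, and (3) a policy layer so the
application never changes when factors are added.

The OTP algorithm is a generic HMAC-SHA1 time-window code (RFC 6238 shape),
a stand-in for the proprietary SecurID algorithm: the only property that
matters is code = f(seed, time). All data below is constructed.
"""
import hashlib
import hmac
import struct
from typing import Callable, Dict

WINDOW_SECONDS = 60   # assumption: one-minute code rotation, like a key fob
DRIFT_WINDOWS = 1     # accept one window either side to tolerate clock drift


def token_code(seed: bytes, now: int, digits: int = 6) -> str:
    """Code shown on the token (or computed by anyone holding its seed)."""
    counter = now // WINDOW_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** digits:0{digits}d}"


# Constructed: the centrally stored seed records (serial -> seed) that the
# advisory identifies as the conceptual weakness.
VENDOR_SEEDS: Dict[str, bytes] = {
    "000123456789": bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0"),
}

# Constructed customer-side records: which serial each user carries plus a
# salted password hash that exists only in the customer's own directory.
USERS = {
    "alice": {
        "serial": "000123456789",
        "pw_salt": b"salt-alice",
        "pw_hash": hashlib.sha256(b"salt-alice" + b"correct horse").hexdigest(),
    },
}

_used_windows: set = set()   # (user, window) already consumed: blocks replay


def attacker_code(serial: str, now: int) -> str:
    """What a party holding the stolen seed database can compute for any serial."""
    return token_code(VENDOR_SEEDS[serial], now)


def verify_otp(user: str, code: str, now: int) -> bool:
    """Accept the code for the current window +/- drift, each window once."""
    seed = VENDOR_SEEDS[USERS[user]["serial"]]
    current = now // WINDOW_SECONDS
    for w in range(current - DRIFT_WINDOWS, current + DRIFT_WINDOWS + 1):
        expected = token_code(seed, w * WINDOW_SECONDS)
        if (user, w) not in _used_windows and hmac.compare_digest(code, expected):
            _used_windows.add((user, w))
            return True
    return False


def verify_password(user: str, password: str) -> bool:
    rec = USERS[user]
    digest = hashlib.sha256(rec["pw_salt"] + password.encode()).hexdigest()
    return hmac.compare_digest(digest, rec["pw_hash"])


def policy_otp_only(user: str, creds: dict, now: int) -> bool:
    return verify_otp(user, creds.get("otp", ""), now)


def policy_otp_plus_password(user: str, creds: dict, now: int) -> bool:
    # Password first: a wrong password must not consume the OTP window.
    return (verify_password(user, creds.get("password", ""))
            and verify_otp(user, creds.get("otp", ""), now))


# The application calls authenticate(); which factors are demanded is a
# deployment decision, so the policy can change without touching the app.
POLICIES: Dict[str, Callable[[str, dict, int], bool]] = {
    "otp_only": policy_otp_only,
    "otp_plus_password": policy_otp_plus_password,
}


def authenticate(user: str, creds: dict, now: int,
                 policy: str = "otp_plus_password") -> bool:
    if user not in USERS:
        return False
    return POLICIES[policy](user, creds, now)


if __name__ == "__main__":
    t = 1_700_000_000
    stolen = attacker_code("000123456789", t)
    print("otp_only accepts attacker:", authenticate("alice", {"otp": stolen}, t, "otp_only"))
    print("otp+password accepts attacker:", authenticate("alice", {"otp": stolen}, t))
```

With the seed alone the `otp_only` policy cannot tell the attacker from the user, which is the situation the advisory describes; switching the deployment to `otp_plus_password` blocks that attacker without any change to the calling application or the tokens, and the replay and drift handling show the checks a verifier needs in either case.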


Date: Jun 10, 2011
