Advisory Note: „RSA SecurID – how to act after the hack?“ - 70344

Report Details

As reported extensively in the media, in March of this year hackers successfully attacked the data center of EMC Corp’s RSA security division and obtained copies of security information for RSA’s SecurID key fob system, a token-based mechanism for generating OTPs (one-time passwords) as the second factor in a two-factor authentication scheme used extensively by companies and government agencies around the world.

Now two large military contractors, Lockheed Martin and L-3 Communications, have reported security breaches that evidently relied on data stolen from RSA. A third military contractor and RSA customer, Northrop Grumman, abruptly shut down remote access to its network and instituted a “domain name and password reset across the entire organization”, according to a press statement.

This considerably raises the stakes for RSA and its customers, many of whom are rightfully demanding more information and guidance on how to protect themselves from what is clearly a highly sophisticated group of attackers. Many of them, including a number of KuppingerCole clients, have been asking whether they can continue to use SecurID or need an alternative.

While RSA understandably refuses to discuss details of the attack (after all, hackers read press releases, too), there can be no doubt that the attackers leveraged a known conceptual weakness of RSA SecurID: the central storage of the so-called ‘seeds’, the per-token secrets from which each token’s one-time passwords are computed, in RSA’s own backend. Whoever holds a token’s seed can compute the same tokencodes as the token itself, so once the seeds are gone, all that stands between an attacker and a valid login is the user’s PIN and the mapping of token serial numbers to users. However, bashing RSA won’t help. For customers, the real question is: what can I do to protect my systems and the sensitive information stored there?

Throwing out SecurID and starting anew is not an option for most user organizations. In the short term, organizational measures such as requiring an additional secret that the stolen seeds never protected (for example the domain password, where feasible) can reduce the risk of attack without a costly replacement of the SecurID tokens in use today. In the mid-term, however, customers need to review their authentication strategies with an eye towards moving to a truly versatile authentication approach. The ultimate goal, KuppingerCole believes, is to be able to move back and forth between different authentication mechanisms freely and flexibly without the need to modify the applications themselves.
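The weakness described above and the short-term mitigation recommended here can be made concrete with a small model of a seed-based token and its verifier. The following is an added example, not RSA’s code and not part of the advisory: it uses TOTP (RFC 6238, HMAC-SHA1 with a 60-second step and 6 digits) as a stand-in for the proprietary SecurID algorithm, and every seed, serial number, PIN, password and timestamp in it is constructed sample data. It shows that a holder of the seed database produces exactly the passcode the legitimate fob would show once the PIN is known, that PIN guessing against a known seed is what the lockout threshold has to catch, and that an independent secret the seed database never contained (the domain password) blocks the forged login.

```python
"""
Model of a seed-based OTP token and its authentication server.

Assumptions (not from the advisory): TOTP per RFC 6238 stands in for the
SecurID algorithm; all seeds, serials, PINs, passwords and times are made up.
"""
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # SecurID fobs rotate every 60 s (RFC 6238 default is 30 s)
DIGITS = 6
SKEW_STEPS = 1      # accept one step either side to tolerate clock drift


def tokencode(seed: bytes, unix_time: int) -> str:
    """Code for the time step containing unix_time (HMAC-SHA1, RFC 4226 truncation)."""
    counter = unix_time // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** DIGITS:0{DIGITS}d}"


class AuthServer:
    """Minimal authentication manager: serial -> seed, user -> (serial, PIN, password)."""

    def __init__(self, lockout: int = 3):
        self.seeds = {}       # serial -> seed; a vendor-side copy of this table is the exposure
        self.users = {}       # username -> (serial, pin, password or None)
        self.failures = {}    # username -> consecutive failed attempts
        self.suspicious = {}  # username -> attempts with a valid tokencode but a wrong PIN
        self.lockout = lockout

    def enroll(self, username, serial, seed, pin, password=None):
        self.seeds[serial] = seed
        self.users[username] = (serial, pin, password)
        self.failures[username] = 0
        self.suspicious[username] = 0

    def _tokencode_ok(self, serial, code, now):
        seed = self.seeds[serial]
        return any(hmac.compare_digest(code, tokencode(seed, now + d * STEP_SECONDS))
                   for d in range(-SKEW_STEPS, SKEW_STEPS + 1))

    def verify_passcode(self, username, passcode, now):
        """SecurID-style check: passcode = PIN || tokencode, both typed by the user."""
        if username not in self.users or self.failures[username] >= self.lockout:
            return False
        serial, pin, _ = self.users[username]
        pin_ok = hmac.compare_digest(passcode[:len(pin)], pin)
        code_ok = self._tokencode_ok(serial, passcode[len(pin):], now)
        if pin_ok and code_ok:
            self.failures[username] = 0
            return True
        if code_ok and not pin_ok:
            # A correct code without the PIN means someone can compute codes without the fob.
            self.suspicious[username] += 1
        self.failures[username] += 1
        return False

    def verify_with_password(self, username, password, passcode, now):
        """Short-term mitigation: also require a secret the seed database never held."""
        if username not in self.users:
            return False
        stored = self.users[username][2]
        if stored is None or not hmac.compare_digest(password, stored):
            self.failures[username] += 1
            return False
        return self.verify_passcode(username, passcode, now)


def demo(now: int = 1307700000):
    """Walk through the attack and the mitigation at one fixed (constructed) instant."""
    seed = bytes.fromhex("3132333435363738393031323334353637383930")  # constructed 160-bit seed
    srv = AuthServer()
    srv.enroll("alice", "000123456789", seed, pin="4829", password="correct-horse")

    legit = "4829" + tokencode(seed, now)                 # what the user types from the fob
    stolen_seed = srv.seeds["000123456789"]               # attacker: leaked serial -> seed table
    forged = "4829" + tokencode(stolen_seed, now)         # plus a PIN learned by phishing/malware

    results = {
        "forged_equals_legit": forged == legit,
        "token_only_forged_accepted": srv.verify_passcode("alice", forged, now),
        "password_blocks_forged": not srv.verify_with_password("alice", "guess", forged, now),
        "password_legit_accepted": srv.verify_with_password("alice", "correct-horse", legit, now),
    }

    # Attacker with the seed but without the PIN: each guess carries a valid tokencode.
    srv.enroll("bob", "000987654321", seed, pin="7310")
    guesses = [f"{g:04d}" + tokencode(seed, now) for g in (0, 1, 2, 7310)]
    results["pin_guesses_accepted"] = [srv.verify_passcode("bob", g, now) for g in guesses]
    results["bob_suspicious_attempts"] = srv.suspicious["bob"]
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` offline shows the three points in order: the forged passcode is byte-for-byte the legitimate one, so the token-only check accepts it; the fourth PIN guess is correct but is refused because three failures have already tripped the lockout; and the domain password, which the leaked seed table never contained, stops the forged login while the real user still gets in. The `suspicious` counter is the check a practitioner would add to the authentication manager’s logs: a burst of attempts that present a valid tokencode with a wrong PIN is only possible for someone who can compute codes without the fob.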


Date: Jun 10, 2011
Price: free
