What to learn from the RSA breach

Illena Armstrong, VP, editorial, SC Magazine
The recent social engineering attack on RSA has dominated industry talk, with some dubbing coverage of the incident a media circus.

Google “RSA hack” and you'll find a litany of news items, tweets and opinions about the spear phishing attack that exploited an Adobe Flash zero-day vulnerability to steal SecurID-related intellectual property. Is all this discussion overkill?

We're talking about RSA here. It is one of the most respected names in the information security marketplace. This is a company that launched the careers of some of today's leading security minds, saw a gathering of cryptographers in a small hotel boardroom turn into a still-thriving industry conference (though the event is now operated separately from the vendor), and became an independent division of an even larger corporation, EMC.

So, given this history, the media coverage and industry chatter are fully warranted. The banter is also well-rooted in what many deem to have been a questionable response to both the public and customers. After an initial open letter from Art Coviello discussing the compromise, a few more details have been released about the attack. More recently, RSA reportedly approached executives from some larger customers and offered to provide more facts about the attack to help them mitigate worst-case scenarios. To hear the particulars, however, enterprise reps must sign a non-disclosure agreement. This has some suspicious customers researching solutions that eventually may replace SecurID in their shops. Others are still biding their time, as they have yet to see compromises.

Undoubtedly, this event will reap more news coverage in the future. Even now, some pros once affiliated with RSA in some form or another have informed me that this breach is no surprise to them, as the infrastructure of the security company – despite its business – was rather porous.

In marking its milestones in IT security history, RSA has become a longstanding organization, and its two-factor authentication solutions have been around for even longer. That cybercriminals targeted critical information about these tokens to undermine the very security the devices are supposed to offer should be no surprise to anyone, really – porous network or not.

A little ironic? Sure. But, it is more a question of who has got the backs of the security players who are supposed to have their customers' backs? If the RSA incident is an example, it looks to be the bad guys.

Illena Armstrong is editor-in-chief of SC Magazine.