What to learn from the RSA breach

Illena Armstrong, VP, editorial, SC Magazine
The recent social engineering attack on RSA has dominated industry talk, with some dubbing coverage of the incident a media circus.

Google “RSA hack” and you'll find a litany of news items, tweets and opinions about the spear phishing attack that exploited an Adobe Flash zero-day vulnerability to steal SecurID-related intellectual property. Is all this discussion overkill?

We're talking about RSA here. It is one of the most well-respected names in the information security marketplace. This is a company that launched the careers of some of today's leading security minds, saw a gathering of cryptographers in a small hotel boardroom turn into a still-thriving industry conference (though the event is now operated separately from the vendor), and became an independent division of an even larger corporation, EMC.

So, it is against this history that the media coverage and industry chatter are fully warranted. The banter is also well-rooted in what many deem to have been a questionable response to both the public and customers. After an initial open letter from Art Coviello discussing the compromise, a few more details have been released about the attack. More recently, RSA reportedly approached executives from some larger customers and offered to provide more facts about the attack to help them mitigate worst-case scenarios. However, to hear the particulars, enterprise reps must sign a non-disclosure agreement. This has some suspicious customers researching solutions that may eventually replace SecurID in their shops. Others are still biding their time, as they have yet to see compromises.

Undoubtedly, this event will generate more news coverage in the future. Even now, some pros once affiliated with RSA in some form or another have informed me that this breach is no surprise to them, as the infrastructure of the security company – despite its business – was rather porous.

In marking its milestones in IT security history, RSA has become a longstanding organization, and its two-factor authentication solutions have been around for even longer. That cybercriminals targeted critical information about these tokens to undermine the very security the devices are supposed to offer should come as no surprise to anyone, really – porous network or not.

A little ironic? Sure. But, it is more a question of who has got the backs of the security players who are supposed to have their customers' backs? If the RSA incident is an example, it looks to be the bad guys.


Illena Armstrong is editor-in-chief of SC Magazine.