Hackers have successfully infiltrated security firm RSA to steal information related to its two-factor authentication products, the company’s president revealed in a letter Thursday to customers.
“Recently, our security systems identified an extremely sophisticated cyberattack in progress being mounted against RSA,” President Art Coviello wrote.
Coviello categorized the attack as an advanced persistent threat, which is known for its sophistication and stealthiness and is often leveraged to steal coveted intellectual property. Last year, Google and a number of other high-profile firms disclosed that they were APT victims.
Coviello said the information obtained by the hackers may teach them how to circumvent RSA’s SecurID products, which include hardware token authenticators, software authenticators, authentication agents and appliances. Millions of companies worldwide use SecurID to protect access to their sensitive assets, such as web servers, email clients and VPNs.
“While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack,” Coviello wrote. “We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.”
The vendor does not believe any personal customer or employee information was compromised in the attack.
Coviello said the company plans to “share our experiences from these attacks with our customers, partners and the rest of the security vendor ecosystem.”
Ironically, for more than a year, RSA has been researching the APT threat to develop new mitigating technologies.
In an interview last month with SC Magazine at the RSA Conference in San Francisco, RSA CTO Bret Hartman said organizations should accept that they likely cannot stop an APT attack and should instead focus on detecting it early and reducing its impact.
RSA is owned by EMC.