RSA Targeted in Cyber Attack

RSA reported that their security systems identified an extremely sophisticated cyber attack being mounted against them. They are taking a variety of aggressive measures against the threat to protect their business and their customers. At this time, they have no evidence showing that customer security related to RSA products has been impacted.

According to RKON Network Security Consultant Michael Atkinson, “In order to successfully defeat SecurID without physical possession of a token, an attacker would need to have RSA’s algorithm, the random “seed” used by a specific token, the username associated with that token, the user’s PIN, and the correct time.  To the best of my knowledge, RSA has not stated what information was compromised, but in the worst case scenario where the attackers had the algorithm and the seeds for each of your tokens, they still would not have the correct username and PIN associated with each token.  That information is not in RSA’s possession and could not have been compromised by the reported attack.”

RKON will stay on top of this issue and inform you of any news. For more information visit the RSA website or contact RKON.