Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.I am not going to speculate on anything, but you should be aware of the situation and monitor developments. After RSA's own statement, a good place to go is the Securosis blog which has its own summary of the situation. Since they did a better job than I could, I'll let you read their analysis of the situation and open questions.
Clearly this is no fun for anybody. But if you use RSA 2-factor authentication -- and who doesn't -- it is worth your monitoring developments.
No comments:
Post a Comment