EMC/RSA "SecurID" Compromised, Lockheed Martin Hacked

Have you seen those key fobs that display a new pseudo-random series of numeric digits every minute or so? To log onto a network or system you have to enter the current set of digits plus your regular credentials (user ID and password), typically.

Unfortunately a group of unknown hackers, possibly a group sponsored by a government, broke into EMC's RSA division and figured out how to duplicate those key fobs, in effect. Then the same group (perhaps) broke into Lockheed Martin, the leading U.S. defense contractor.

It's not clear what sensitive information was taken, and Lockheed Martin isn't saying. However, it's possible the invaders were able to find details about future weapons systems along with operational information about current military deployments in Afghanistan and Iraq, among other places.

I might have more to say in a subsequent post about mainframes, mainframe security systems, and their important role in "defense in depth" — a role which some businesses and governments are not exploiting to full advantage.

UPDATE: RSA has confirmed that SecurID has been compromised.

by Timothy Sipples May 28, 2011 in Security
Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d834521c8469e2014e88bd4ac0970d

Listed below are links to weblogs that reference EMC/RSA "SecurID" Compromised, Lockheed Martin Hacked:

Comments

I am so glad we decided to move away from RSA after the hack, the whole concealing of what had happened, what was stolen sat uneasy with me so we evaluated the market for a replacement.

What we actually got was more of an upgrade than a replacement – http://bit.ly/llReKD not only COULD we use the RSA tokens we already have, but their replacement tokens are the lowest priced on the market, and one has a replaceable battery ! coupled with SMS, Twitter, Mobile phone, iPad, Grid, and more as OTP “soft” tokens and the deal was almost done.

What sealed it ? the price, it was less than the renewal/support price on my RSA, !!

YES, you read it right, I paid less that the renewal on my RSA to swap over to Deepnet DualShield and support is in the future 20% of that price (20% of my old RSA support renewal)

I would really recommend taking a look.

Jo Jo.

Posted by: Jo Jo Fripps | Jun 7, 2011 5:23:20 AM

The comments to this entry are closed.



The postings on this site are our own and don’t necessarily represent the positions, strategies or opinions of our employers.
© Copyright 2005 the respective authors of the Mainframe Weblog.