Forgot your password?
typodupeerror
Networking

+ - RSA finally comes clean: SecurID is compromised->

Submitted by suraj.sun
suraj.sun (1348507) writes "RSA Security is to replace virtually every one of the 40 million SecurID tokens currently in use as a result of the hacking attack the company disclosed back in March. The company issued a letter to customers acknowledging that SecurID failed to protect defense contractor Lockheed Martin, which last month reported a hack attempt. This admission puts paid to RSA's initial claims that the hack would not allow any "direct attack" on SecurID tokens; wholesale replacement of the tokens can only mean that the tokens currently in the wild do not offer the security that they are supposed to.

RSA Security Chairman Art Coviello said that the reason RSA had not disclosed the full extent of the vulnerability because doing so would have revealed to the hackers how to perform further attacks. RSA's customers might question this reasoning; the Lockheed Martin incident suggests that the RSA hackers knew what to do anyway—failing to properly disclose the true nature of the attack served only to mislead RSA's customers about the risks they faced.

Ars Technica: http://arstechnica.com/security/news/2011/06/rsa-finally-comes-clean-securid-is-compromised.ars"

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

RSA finally comes clean: SecurID is compromised

Comments Filter:

"If a computer can't directly address all the RAM you can use, it's just a toy." -- anonymous comp.sys.amiga posting, non-sequitir

Working...