Security firm falls victim to advanced persistent threat. Should you be worried?
Apparently not even security companies can secure themselves 100 percent of the time.
Security vendor RSA, a division of EMC, disclosed this week that the company had been breached by a hacker attack. In particular, RSA disclosed that its SecurID two-factor authentication products were at specific risk as hackers were able to extract information from RSA's systems.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack, Art Coviello, EMC's Executive Chairman, wrote in an open letter to RSA customers. "We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations."
Coviello noted that EMC successfully defends itself against multiple cyber attacks every day. The attack that hit the SecurID systems is one that Coviello characterized as an Advanced Persistent Threat (APT). He also stressed that EMC has no evidence that customer security related to other RSA products or any other EMC products have been impacted by this attack.
"It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident," Coviello wrote.
That said, RSA is providing users of its SecurID product with a number of recommendation in order to help mitigate any potential risk. Among RSA's recommendations is for customers to enforce strong passwords and PIN policies as well as ensuring that they' properly patched all of their systems.
"We recommend customers watch closely for changes in user privilege levels and access rights using security monitoring technologies such as SIEM, and consider adding more levels of manual approval for those changes," an RSA Securcare online note states.
"As appropriate, we will share our experiences from these attacks with our customers, partners and the rest of the security vendor ecosystem and work in concert with these organizations to develop means to better protect all of us from these growing and ever more sophisticated forms of cyber security threat," Coviello said.
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.