RSA Hit by Cyber Attack

Friday, March 18, 2011 @ 04:03 PM gHale

RSA suffered “an extremely sophisticated cyber attack” on its SecurID products, used by more than 25,000 customers world-wide to protect access to private data.

RSA, a subsidiary of EMC Corp., said it is confident the information extracted won’t enable a successful direct attack on any of its customers; however, the information could reduce the effectiveness of the SecurID’s authentication process “as part of a broader attack.”

RSA Executive Chairman Art Coviello said as a result of the attack, which he categorized as an “advanced persistent threat,” RSA has hardened its technology infrastructure. The company also has begun an investigation into the attack and is working with the appropriate authorities, he said.

RSA’s SecurID offers a two-step authentication process based on something you know, such as a password, and something you have, such as a token with a six-digit code that changes every 60 seconds. The company said that combination offers more protection than just a static password.