TMCnet Feature Free eNews Subscription
June 07, 2011

RSA Offering Token Replacement to Customers Following Lockheed Breach

By Beecher Tuttle, TMCnet Contributor

EMC-owned security unit RSA (News - Alert) has offered to replace its clients' SecurID tokens if they are concerned about the possibility of suffering a cyber attack. These tokens, which provide remote access for employees outside of a company's network, were compromised in March when hackers attacked EMC's (News - Alert) systems and came away with information related to the SecurID product line.



While RSA admitted to the breach immediately, concern began to escalate in May when defense contractor Lockheed Martin (News - Alert) acknowledged that hackers had used duplicates of the stolen SecurID keys to attack its network. RSA confirmed late last week that the information taken from its systems in March was used in the attempted cyber attack on the defense contractor.

Lockheed has said that it had blocked the attack and that no customer, program or employee data had been compromised. However, unconfirmed reports have recently popped up that suggest that two other high profile contractors – L3 Communications and Northrup Grumman – may have also been affecting by the original RSA breach, according to The Register.

In response to growing concern, RSA has offered to replace SecurID tokens for “customers with concentrated user bases typically focused on protecting intellectual property and corporate networks.”

In addition, the EMC business unit has agreed to implement “risk-based authentication strategies” for customers that need help protecting their Internet-based financial transactions with consumers.

Both of these services will be offered to customers free of charge.

“We will continue to work with all customers to assess their unique risk profiles and user populations and help them understand which options may be most effective and least disruptive to their business and their users,” RSA Executive Chairman Art Coviello said in an open letter to clients.

Coviello added that the characteristics of the March attack suggest that the hackers' motivation was to pilfer security information that could be used to unearth defense secrets or “related IP,” not financial information or other data that would be used to embarrass a customer.

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2011, taking place Sept. 13-15, 2011, in Austin, Texas. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. To register, click here.




Beecher Tuttle is a TMCnet contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.

Edited by Jennifer Russell

» More TMCnet Feature Articles
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE

LATEST TMCNET ARTICLES

» More TMCnet Feature Articles