EMC security division hacked; RSA products used by government, military potentially at risk

By on Mar 18, 2011 at 3:43 PM
Security March 18, 2011

In a filing with the Securities and Exchange Commission (SEC), information management company EMC admitted that an “extremely sophisticated” attack was in progress against its computer network. Specifically targeting the company’s security division, the intruders stole confidential data related to RSA’s SecurID products. EMC acquired RSA Security in the fourth quarter of 2006 for just under $2.1 billion. RSA SecurID provides a form of two-factor authentication that implements a second layer of network security to protect against outside threats and compromised passwords — the technology is used by governments, the military, financial institutions, hospitals, and businesses around the globe. RSA declined to comment on the nature of the attack, or provide information on exactly how much data was accessed by the network intruders.

In its SEC filing, the company said it was “confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers.” EMC’s executive chairman Art Coviello stated that the breach would have a minimal impact on its other products and financial results.

“Security is at the heart of RSA’s brand promise,” an industry expert who declined to be identified told BGR. “This will certainly have a negative effect on how customers view the company and its products.”

“These aren’t kids in basements doing this: these are the threats that, if you’re targeted, you better have your data, infrastructure, and people locked-down,” said Mike Halsall, a senior network and information security analyst at the Massachusetts Institute of Technology, in a message to BGR. “EMC has a lot of [intellectual property] to protect and it’s hard to protect every bit, at every instant, from every threat.”

EMC said it is providing “immediate remediation steps” to its RSA customers.

“These are the attacks we’ll keep seeing, and they’re only going to get better at pulling them off,” Halsall continued. “With the SecurID issue, though, I don’t think the sky is falling, but you might want to keep your umbrella handy; or think about open-source alternatives.”

Tags:
, , , , , ,
4 Comments

Related Articles

  • http://bbcwebhosting.com/ BBc Web Hosting

    stay ahead of the trick pullers and hackers…..to ensure customers safety…….

  • http://atspangler.net/ atspangler

    Maybe they should hire HBGary…… oh wait.

  • Bobdonhim

    As if EMC replied to an email from BGR with a direct quote. BGR does nothing but lie and fabricate news and/or quotes to look like it is a news website. In reality it is only an Apple fanboy blog site. BGR, you won’t be winning any pulizer prices anytime soon.

    • OBJ_me

      Why are you a) even here b) reading the posts and c) responding to them if you feel so strongly that BGR is nothing more than a lying, rumor mongering, Apple fanblog?

blog comments powered by Disqus