In 2011, RSA was hacked Chinese spires. At the time, it was the worst to ever hit a cybersecurity firm. For 10 years, key RSA execs have been bound to silence by NDAs. Those agreements just expired.
The SecurID seeds that RSA generated and carefully distributed to its customers allowed those customers’ network administrators to set up servers that could generate the same codes, then check the ones users entered into login prompts to see if they were correct.
After 10 years of rampant state-sponsored hacking and supply chain hijacks, the RSA breach can now be seen as the herald of our current era of digital insecurity—and a lesson about how a determined adversary can undermine the things we trust most.
The analysts eventually traced the origin of the breach to a single malicious file that they believed had landed on an RSA employee’s PC five days before they’d started their hunt. A staffer in Australia had received an email with the subject line “2011 Recruitment plan” and an Excel spreadsheet attached to it. He'd opened it.
Breaches as extensive as the one carried out against RSA are often discovered months after the fact, when the intruders are long gone or lying dormant. But Duane says that the 2011 incident was different: Within days, the investigators had essentially caught up to the intruders and were watching them in action. “They’d try to get into a system, then we’d detect them a minute or two later and go in and shut down that system or disable access to it,” Duane says.
As it dawned on Leetham that the seed collection had likely been copied—and after he had made his seconds-too-late attempt to delete the data off the hackers’ server—the enormity of the event hit him: The trust that customers placed in RSA, perhaps its most valuable commodity, was about to be obliterated. “This is an extinction event,” he remembers thinking. “RSA is over.”at night when the security team learned that the seed warehouse had been plundered.
In the hours that followed, RSA’s executives debated how to go public. One person in legal suggested they didn’t actually need to tell their customers, Sam Curry remembers. Coviello slammed a fist on the table: They would not only admit to the breach, he insisted, but get on the phone with every single customer to discuss how those companies could protect themselves. Joe Tucci, the CEO of parent company EMC, quickly suggested they bite the bullet and replace all 40 million-plus SecurID tokens.
In Bedford, Castignola was given a conference room and the authority to ask for as many volunteers from the company as he needed. A rotating group of nearly 90 staffers began the weeks-long, day-and-night process of arranging one-on-one phone calls with every customer. They worked from a script, walking customers through protective measures like adding or lengthening a PIN number as part of their SecurID logins, to make them harder for hackers to replicate.
Meanwhile, RSA’s security team and the investigators brought in to help were “tearing the house down to the studs,” as Curry put it. In every part of the network that the hackers touched, he says, they scrubbed the contents of potentially compromised machines—and even ones adjacent to them. “We physically went around and, if there was a box they were on, it got wiped,” Curry says. “If you lost data, too bad.
Norge Siste Nytt, Norge Overskrifter
Similar News:Du kan også lese nyheter som ligner på denne som vi har samlet inn fra andre nyhetskilder.
3 steps to make 'diversity and inclusion' mean something at your company'Diversity and inclusion' can be a meaningless catchphrase. Experts share 3 takeaways to actually drive change in your company. Presented by Acrobat.
Les mer »
Gopuff eliminates about 100 jobs to control costs before potential IPOGopuff has cut about 100 jobs, and paused several plans to open more warehouses, in a restructuring ahead of its potential IPO
Les mer »
App Store critic: Apple's resistance to payments competition is futileOne of Apple's harshest App Store critics says the company's resistance to payments competition may well backfire and ultimately help developers
Les mer »
Star Trek: Picard Season 2 Will Use Q In Surprising WaysStarTrekPicard season 2 will tell an unexpected story for TNG alum Q, and co-showrunner Terry Matalas says fans will see 'a side of Q you’ve never seen before.' 👀
Les mer »
The housing shortage is taking a toll on the rental market.Insider tells the global tech, finance, markets, media, healthcare, and strategy stories you want to know.
Les mer »