dcsimg
 

After Lockheed Martin Hack, RSA to Replace SecurID Tokens

By CIOinsight  |  Posted 06-08-2011 Print

WEBINAR:
On-Demand

EUC with HCI: Why It Matters


Hackers hit defense contractor Lockheed Martin using SecurID data stolen from RSA Security, and now the company's CEO is offering to replace user tokens.

RSA Security has offered to replace the SecurID tokens used by enterprises and government agencies to secure their networks after attackers attempted to hack a defense contractor's network in May.

Intruders managed to breach defense contractor Lockheed Martin's network in May when it bypassed RSA Security's SecurID technology, RSA Security Chairman Art Coviello acknowledged in a letter to customers on June 6. While Lockheed was hacked, no information was compromised, according to the Wall Street Journal.

Cyber-attackers initially compromised RSA Security with a phishing email exploiting a zero-day Adobe vulnerability, Coviello disclosed in March. The company declined to specify exactly what had been stolen but acknowledged it was "information relating to the SecurID technology."

"RSA clearly knew what was breached to begin with and what the implications were and they didn't do anything about it," Bobby Kuzma, president of Central Florida Technology Solutions, a security solutions provider, told eWEEK.

RSA should have replaced the tokens immediately, not waited until after three major defense contractors were attacked, Kuzma said. The company had a duty to its clients to disclose "any material defects in the solution," according to Kuzma.



 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that cioinsight.com may send you cioinsight offers via email, phone and text message, as well as email offers about other products and services that cioinsight believes may be of interest to you. cioinsight will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit