RSA SecurID data stolen by a “nation state”

Last March, infiltrators carried out a quiet cyberattack against RSA, obtaining information about the operation of its SecurID tokens, hardware devices used by corporations, governments, and organizations to establish secure VPN connections with remote employees. RSA admitted the breach in April and began replacing SecurID tokens last June, but now RSA is revealing a bit more about the attack. Speaking at a Q&A session at the RSA Conference in London, RSA chairman Art Coviello said the attack’s methodology revealed that two separate teams were at work, and the company is very confident that the skill and resources required by the attack had to have been supported by a nation.

“We’ve not attributed it to a particular nation state although we’re very confident that with the skill, sophistication and resources involved it could only have been a nation state,” ZDNet UK quotes Coviello as saying.

RSA was apparently the victim of a targeted malware attack via a spreadsheet sent to a small number of employees, carefully worded to get someone to open the attachment. At least one did, and a malicious Adobe Flash object within the spreadsheet exploited a zero-day vulnerability that enabled the attackers to install a remote access Trojan horse. Once that was in place, hackers used the Trojan to explore RSA’s internal network and look for information about how its SecurID tokens operate. And they found it: information gleaned from the attack was subsequently used in an unsuccessful attack against U.S. defense contractor Lockheed Martin.

SecurID tokens add a layer of security on top of standard username-password combinations, securing VPN logins from untrusted networks like the Internet. When users connect, they’re prompted for an authorization key displayed on the SecurID token issued to them. These numeric keys change at a fixed interval (usually every minute). The idea is that even if an attacker has a user’s name and password, they would still need a unique number to access the network, and that number constantly changes. The information stolen in the RSA breach apparently enabled attackers to generate SecurID keys without the physical tokens.
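Why stolen token information leads to token replacement, as an added example (not from the article and not RSA's code): SecurID's algorithm is proprietary, so this uses the open RFC 6238 TOTP construction as a stand-in, and it assumes the code depends only on a per-token secret seed and the current time. The seeds and timestamp are constructed sample values.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds per code; the article says codes usually change every minute


def code_at(seed: bytes, unix_time: int, step: int = STEP, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1: code = truncate(HMAC(seed, time // step))."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(seed: bytes, submitted: str, unix_time: int, drift_steps: int = 1) -> bool:
    """Server-side check; adjacent intervals are accepted to absorb clock drift."""
    return any(
        hmac.compare_digest(code_at(seed, unix_time + d * STEP), submitted)
        for d in range(-drift_steps, drift_steps + 1)
    )


def demo() -> dict:
    old_seed = b"constructed-seed-A-0000"  # constructed: seed inside the issued token
    new_seed = b"constructed-seed-B-0000"  # constructed: seed of the replacement token
    now = 1_300_000_020                    # constructed fixed timestamp
    token_code = code_at(old_seed, now)    # what the hardware token displays
    copy_code = code_at(old_seed, now)     # computed from a copy of the seed alone
    return {
        "copy_matches_token": copy_code == token_code,
        "accepted_before_replacement": verify(old_seed, copy_code, now),
        "accepted_after_replacement": verify(new_seed, copy_code, now),
        "accepted_ten_minutes_later": verify(old_seed, copy_code, now + 600),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The code expires on its own within minutes, but a copied seed does not: only enrolling a token with a fresh seed makes the server reject codes derived from the old one.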

Some industry watchers have expressed skepticism that the attack was carried out by a nation, noting there’s nothing in particular about the attack as described that points to a government-backed operation. Yes, the information gleaned in the attack was used to go after a defense contractor, but the data could easily have been sold or changed hands numerous times after the attack; there’s not necessarily a direct connection between the perpetrators of the breach and the attackers who went after Lockheed Martin.

“It seems very odd to me for a company to say that they have determined that a country had attacked them, but to not then name the country,” wrote Sophos’ Graham Cluley in its Naked Security blog.

RSA has not disclosed how many tokens it replaced in the wake of the breach, but indicated that replacement had been completed by August.
