RSA SecurID data stolen by a “nation state”

RSA SecurID

Last March, infiltrators carried out a quiet cyberattack against RSA, obtaining information about the operation of its SecurID tokens, hardware devices used by corporations, governments, and organizations to establish secure VPN connections with remote employees. RSA admitted the breach in April and began replacing SecurID tokens last June, but now RSA is revealing a bit more about the attack. Speaking at a Q&A session at the RSA Conference in London, RSA chairman Art Coviello said the attack’s methodology revealed that two separate teams were at work, and the company is very confident that the skill and resources required by the attack had to have been supported by a nation.

“We’ve not attributed it to a particular nation state although we’re very confident that with the skill, sophistication and resources involved it could only have been a nation state,” ZDNet UK quotes Coviello as saying.

RSA was apparently the victim of a targeted malware attack via a spreadsheet sent to a small number of employees, carefully worded to get someone to open the attachment. At least one did, and a malicious Adobe Flash object within the spreadsheet exploited a zero-day vulnerability that enabled the attackers to install a remote access Trojan horse. Once that was in place, hackers used the Trojan to explore RSA’s internal network and look for information about how its SecurID tokens operate. And they found it: information gleaned from the attack was subsequently used in an unsuccessful attack against U.S. defense contractor Lockheed Martin.

SecurID tokens are used as an additional layer of security over-and-above standard username-password combinations as a way to secure VPN logins from untrusted networks—like the Internet. When users connect, they’re prompted for an authorization key displayed on the SecurID token issued to them. These numeric keys change at a fixed interval (usually every minute)—the idea is that even if an attacker has a user’s name and password, they’d still need a unique number to access the network—and that number constantly changes. The information stolen in the RSA breach apparently enabled attackers to generate SecurID keys without the physical tokens.

Some industry watchers have expressed skepticism that the attack was carried out by a nation, noting there’s nothing in particular about the attack as subscribed that points to a government-backed operation. Yes, the information gleaned in the attack was used to go after a defense contractor, but the data could easily have been sold or changed hands numerous times after the attack—there’s not necessarily a direct connection between the perpetrators of the breach and the attackers who went after Lockheed Martin.

“It seems very odd to me for a company to say that they have determined that a country had attacked them, but to not then name the country,” wrote Sophos’ Graham Cluley in its Naked Security blog.

RSA has not disclosed how many tokens it replaced in the wake of the breach, but indicated that replacement had been completed by August.

Computing

Adobe’s craziest new tools animate photos, convert recordings to music in a click

Adobe shared a glimpse behind the scenes at what's next and the Creative Cloud future is filled with crazy A.I.-powered tools, moving stills, and animation reacting to real-time tweets.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

Stay inside this summer with the best shows on Hulu, including 'Castle Rock'

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we've put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Movies & TV

The best shows on Netflix in October, from 'Mindhunter’ to ‘The Good Place’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Movies & TV

The best movies on Netflix in October, from 'The Witch’ to ‘Black Panther’

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, subdued humor, or anything in between.
Computing

Problems with Microsoft’s Windows October 2018 Update aren’t over yet

Microsoft's Windows 10 October 2018 update is not having a great launch. More than two weeks after its debut and Microsoft is still putting out fires as new bugs are discovered and there's no sign of its re-release as of yet.
Computing

Chrome 70 is now available and won’t automatically log you in to the browser

Google has officially launched Chrome version 70 on Windows Mac and Linux. The update introduces some new Progressive Web App integrations on Windows 10 and also tweaks the much controversial auto login with Google Account feature.
Computing

Corsair’s latest SSD boasts extremely fast speeds at a more affordable price

Despite matching and besting the performance of competing solid-state drives from Samsung and WD, the Corsair Force Series MP510 comes in at a much more affordable price. Corsair boasts extremely fast read and write speeds.
Computing

New Windows 10 19H1 preview lets users remove more pre-installed Microsoft apps

With the release of the latest Windows 10 19H1 preview build on October 17, Microsoft is letting some consumers remove more of the pre-installed inbox app bloatware from their machines. 
Computing

Apple’s 2020 MacBooks could ditch Intel processors, arrive with ‘ARM Inside’

If you're buying a MacBook in 2020, be on the lookout for a new "ARM Inside" banner. Apple is reportedly working on transitioning away from Intel processors for its MacOS lineup in favor of new custom A-series ARM-based silicon.
Social Media

Tumblr promises it fixed a bug that left user data exposed

A bug on blogging site Tumblr left user data exposed. The company says that once it learned of the flaw, it acted quickly to fix it, adding that it's confident no data linked to its users' accounts was stolen.
Computing

Microsoft patent highlights a potential VR text input system

A new patent awarded to Microsoft could lead to a new typing method for virtual reality and on Xbox consoles. The virtual radial dial puts letters within easy reach of joystick commands and offers predictive typing, too.
Computing

Ryzen shine! AMD’s next CPUs could beat Intel at gaming in 2019

AMD's upcoming Zen 2-based Ryzen 3000 CPUs could offer as much as a 13-percent increase in instruction per clock. With clock speed or core count increases, that could gave them a huge performance boost.
Computing

Samsung Galaxy Book 2 packs Snapdragon 850 into Always Connected Windows 2-in-1

The Samsung Galaxy Book 2 is set to go on sale at the start of November and should be a solid addition the collection of Always Connected Windows laptops. It packs a Snapdragon 850 and a 20-hour battery.