SEARCH

Entries in EMC (1)

Friday
Mar182011

DoD, Major Private Contractor Potentially Vulnerable in Cyber Attack

Jupiterimages/Thinkstock(WASHINGTON) -- A U.S. cyber-security company charged with protecting computers for the U.S. government and thousands of private clients has itself been the target of a successful hacking attack, potentially compromising the security of software used by the Department of Defense and major defense contractor Lockheed Martin.

While the U.S. government has been aware of the attack and working with the company on plugging the security breach for more than a week, according to sources familiar with the investigation, it was only Thursday that Massachusetts-based company RSA alerted the public. RSA, the security division of EMC, claims over 25,000 clients and 40 million users of its security token technology worldwide.

"Recently our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA," said executive chairman Arthur Coviello in a statement posted on the company's website and in a filing to the SEC notifying shareholders of an adverse event. "Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products."

In addition to the U.S. government, according to its website, RSA SecureID customers include major American corporations, healthcare institutions and charities, as well as banks and institutions that cater to high net worth individuals, like Rolls Royce and Bentley Motors. The state of Kansas is also listed as a SecureID customer.

"This is a very major security compromise that has possibly put at risk numerous sensitive government sites and private industry as well" said former U.S. National Security Advisor Richard Clarke, an ABC News consultant.

Coviello said while some information relating to RSA's token authentication system had been "extracted" by the intruders, RSA is "confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers."

Sources familiar with the investigation tell ABC News the company and the U.S. government have been working quietly to try to determine the extent of the damage and to build a patch to plug the leak.

In its statement Thursday, the company described the attack as an "extremely sophisticated" APT (Advanced Persistent Threat) attack, which cyber-experts say sounds similar to a 2009 attack on Google suspected to come from Chinese hackers.

"These hackers are not kids sitting in basements having fun," said Larry Clinton, President of the Internet Security Alliance. "An APT threat comes from highly organized, highly sophisticated, well-funded thieves. There is some evidence that this is state sponsored, and some attacks have come from China."

A company spokesman would not comment on reports of a delay in alerting the public, but in his online statement RSA executive chairman Coviello said, "We took a variety of aggressive measures against the threat to protect our business and our customers, including further hardening of our IT infrastructure".

The company's statement said its investigation is continuing and it is working closely with "appropriate authorities."

The Department of Homeland Security did not respond to a request for comment.

Copyright 2011 ABC News Radio







ABC News Radio