Severe Token Damage

   You may recall that RSA, which sells SecurID tokens {Chapter 8 Security+ 3ed} that generate time-synchronized one-time passwords (OTP), revealed back in March that it was the victim of an attack (see Mar 30 2011 blog). Yet at the time RSA said only that the attack occurred "recently" and that "certain information" was stolen. Now it appears that the damage resulting from the successful attack is very severe.

   Last month the government contractor Lockheed Martin was attacked as a result of the RSA security breach. It appears that the attackers who broke into RSA stole the "seed" numbers that are used to generate values on RSA's SecurID tokens and then used them to successfully attack Lockheed Martin. Although this caused the company to pull the plug on its virtual private network {Chapter 8 Security+ 3ed}, Lockheed says that no customer, employee, or program data was lost.

   Last week RSA announced that it will replace all SecurID tokens for any customer that makes a request. By giving out new tokens RSA can use new seed numbers that the attackers do not have. In addition, it is offering its customers a special RSA Transaction Monitoring service that can be used to block fraudulent online transactions. To date there are about 40 million RSA SecurID tokens in use.
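
   Why replacing the seed is the fix, shown as an added example (not RSA's code, and not part of the original post): a time-synchronized OTP is a pure function of the seed and the clock, so any copy of the seed yields the same codes until the server is given a new one. SecurID's algorithm is proprietary, so the public RFC 6238 TOTP construction stands in for it here; the AuthServer class, the 60-second interval, the serial number and both seeds are constructed assumptions.

```python
import hashlib
import hmac
import struct


def totp(seed: bytes, unix_time: int, step: int = 60, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1: a public stand-in, not RSA's algorithm."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class AuthServer:
    """Hypothetical authentication server holding one seed per token serial."""

    def __init__(self):
        self.seeds = {}

    def enroll(self, serial: str, seed: bytes) -> None:
        # Enrolling an existing serial again replaces (rotates) its seed.
        self.seeds[serial] = seed

    def verify(self, serial: str, code: str, now: int, drift: int = 1) -> bool:
        seed = self.seeds.get(serial)
        if seed is None:
            return False
        # Accept the current interval plus/minus `drift` intervals of clock skew.
        candidates = [totp(seed, now + k * 60) for k in range(-drift, drift + 1)]
        return any(hmac.compare_digest(c.encode(), code.encode()) for c in candidates)


def reseed_demo():
    now = 1_307_400_000                      # constructed timestamp
    old_seed = b"constructed-seed-A-0001"    # constructed; a copy exists outside the token
    new_seed = b"constructed-seed-B-0001"    # constructed replacement seed
    server = AuthServer()
    server.enroll("SERIAL-0001", old_seed)
    accepted_before = server.verify("SERIAL-0001", totp(old_seed, now), now)
    server.enroll("SERIAL-0001", new_seed)   # token replaced, new seed issued
    accepted_after = server.verify("SERIAL-0001", totp(old_seed, now), now)
    new_token_ok = server.verify("SERIAL-0001", totp(new_seed, now), now)
    return accepted_before, accepted_after, new_token_ok


if __name__ == "__main__":
    print(reseed_demo())
```

   The three results are: a code derived from the old seed is accepted before replacement, the same seed is rejected after replacement, and the replacement token is accepted.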

   Stay secure!