This is how RSA Security described the infiltration that lead to the now-famous attack which “reduce[d] the effective security of [SecurID]”.
Having read the releases, and listened to the customer ‘information’ call it’s clear that this is very serious. But whatever the specifics of the RSA SecurID breach (while many of us technical folk in the industry can guess what’s happened it doesn’t serve us here to go into that – let’s wait for their investigation to conclude) it’s clear that cyber threats are growing, and serious.
A little while ago I wrote about the need to maintain internal security boundaries, and to adopt data-centric protection of critical assets so that even folks on the inside need to pass stringent tests to gain access to those assets. While it gives me no pleasure to see this attack executed on RSA Security the incident does rather prove the point. Even established security specialists are vulnerable in the modern climate, and so is everybody else.
The big name made this big news (and it does potentially affect a lot of people), but looking beyond the logos it’s just another in a long line of incidents that point to the need for holistic data protection, both inside and outside the corporate network. Even without a dramatic compromise perimeter security controls are not enough to protect the family silver.
So if you have a moment today, just look at your data estate and see if you have any critical core IP or root secrets lying vulnerable in your systems. And if you do, now is probably the time to think about handling them with a little more care.