WASHINGTON - Federal agencies are confronting possible repercussions from a cyberattack disclosed late last week on one of the nation's largest information-security companies.
RSA Security, a division of EMC, has contracts throughout the federal government for its SecurID system, which uses a token to generate a random six-digit number every 60 seconds. That number, when used with a user's password, provides access to unclassified systems throughout government agencies.
In a filing March 17 to the Securities and Exchange Commission, EMC reported "an extremely sophisticated" cyberattack that targeted its RSA business unit and resulted in "certain information" about its products "being extracted."
Although there were no reports of lost customer data, the risk is that the stolen information could enable a successful attack later, company officials said.
"We do not believe that either customer or employee personally identifiable information was compromised as a result of this incident," RSA Executive Chairman Art Coviello said in a letter to customers accompanying the March 17 filing.
Amy Kudwa, a spokeswoman for the Department of Homeland Security, said the federal government was working with RSA to secure networks that are accessible via SecurID.
The tokens would generally be used when a government employee is trying to gain access to a computer system while on a personal computer or laptop.
"It's not classified data, but more proprietary and personal data that's at issue," said one defense industry official familiar with the breach, which occurred this month.
"It will be a fairly significant event before this is all said and done."
Security experts said the breach demonstrates another evolution in cyber-attackers' tactics.
Instead of targeting banks or government agencies, they are targeting firms that provide security to those entities.
by Ellen Nakashima Washington Post Mar. 24, 2011 12:00 AM
U.S. responds to cyberattack
Crave: The Gadget Blog
PCWorld Latest Technology News
CNET TV: Laptops
- ► 2016 (75)
- ► 2015 (94)
- ► 2014 (55)
- ► 2013 (126)
- ► 2012 (117)
- More buy cellphones; bills ease
- Trending News Channel : Tiger Woods’ "My Swing" Ap...
- OMG! enters Oxford Dictionary
- BlackBerry drops DUI-checkpoint app
- U.S. responds to cyberattack
- Scottsdale firm accused of texting scam
- Lukewarm Reaction To Playbook Could Force Drastic ...
- YouTube - Is Public the New Private (HUNGRY BEAST)...
- AT&T merger with T-Mobile may cut competition
- China’s Baidu Rises to Record in U.S. on Report of...
- Use Internet sources to find lowest prices on gas
- Adult content websites get .xxx domain
- Politicians' Facebook posts raise legal worry
- Valley cities turn to phone apps to enforce zoning...
- Nev. mulls Internet poker bill; casinos voice oppo...
- Products added after shooting
- Japan's quake-resistant buildings withstand temblo...
- With iPad 2, Apple one-ups itself
- Apple's advantage vs. its competitors
- Freescale Semiconductor: Technology will predict b...
- Harvard professor wins Turing honor
- Reviews for electric, hybrid cars wide-ranging
- Holy iPad! App shows you way to repentance
- New iPad unveiled, but its market competition is h...
- Go Daddy to hire 350 nationwide, mainly for its cu...
- Xoom emerges as first real iPad competitor
- Reality of laser vision nears in eye-tracking lapt...
- SRP offers free device to customers to measure ene...
- 10 Tips for Building Your Online Business and Keep...
- Google Pulls 21 Apps In Android Malware Scare
- ▼ March (30)