Skip to: [ search ] [ menus ] [ content ] Select style [ Aqua ] [ Citrus ] [ Fire ] [ Orange ] [ show/hide more content ]

EMC’s security division, RSA, hacked!

Yesterday, EMC, the world’s largest maker of data storage computers announced that its security division, RSA, had been hacked. Although the scope of the attack on EMC was not immediately known, the Hopkinton, MA-based company’s customer list includes the military, governments, banks, health insurance companies, and medical facilities. EMC’s filing with the Securities and Exchange Commission (SEC) and a Web site posting describe the attack as an “extremely sophisticated cyberattack on RSA in the form of an “Advanced Persistent Threat.” The jargon refers to a sophisticated computer attack that is often associated with nation-state attacks, corporate espionage, or high-level cybercriminal gangs.

The folks who infiltrated RSA took confidential data about RSA’s SecurID products, a technology that provides security to computer networks through keychain dongles and other products that utilize “two-factor authentication.”

In the SEC filing, RSA said that it is:

“… confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers.” However, “… this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”

“We have no evidence that customer security related to other RSA products has been similarly impacted,” said the company’s executive chairman, Art Coviello. We are also confident that no other EMC products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident.”

CNET presents an article with analysis of the incident, including: “What happened?” “What is SecurID?” “How serious it this?” Who is behind the attack?” “What should companies with SecurID deployments do?” and “Are there alternatives for authentication?”

Although the incident is clearly embarrassing for EMC, I applaud them for being as forthcoming as they have been. You will recall that the cyberattacks in early 2010 on 34 Silicon Valley companies, which were linked to the Chinese Politburo, included the targets: Google, Adobe, and 32 “less forthcoming” companies that chose to “stonewall.” These attacks have, can, and will happen to anyone in the future, and safeguards for information have to RECOGNIZE those facts.

EMC said that it is providing “immediate remediation steps” for customers, and true to security practices, did not announce what those steps are.

-Bill at

Cheshire Cat Photo™ – “Your Guide to California’s Wonderland™”

You can view higher-resolution photos (*generally* 7-30 megabytes, compressed) at the Cheshire Cat Photo™ Pro Gallery on Shutterfly™, where you can also order prints and gifts decorated with the photos of your choice from the gallery. The Cheshire Cat Photo Store on Zazzle contains a wide variety of apparel and gifts decorated with our images of California. Framed prints and prints on canvas can be ordered from our galleries on redbubble®. All locations are accessible from here. Be a “Facebook Fan” of Cheshire Cat Photo here! If you don’t see what you want or would be on our email list for updates, send us an email at info@cheshirecatphoto.com.

No Comments to “EMC’s security division, RSA, hacked!”

  (RSS feed for these comments)

You must be logged in to post a comment.

InspectorWordpress has prevented 52153 attacks.
Get Adobe Flash player