The attack against RSA earlier this year has become a case study in how data breaches occur and how companies respond. In this video, Uri Rivner, Head of New Technologies, Identity Protection and Verification, at RSA discusses the attack, the aftermath and the lessons learned from it.
August 18, 2011, 2:41PM
Very insightful video that reinforces the importance of focusing on protecting the data, since attackers will get through the perimeter. Another key takeaway is to invest in internal controls and have good detection and investigation tools that allow you to act quickly and minimize the impact of the attack. I would add that these controls need to be integrated to avoid silos and visualize the entire infrastructure and landscape. Great interview — thanks for sharing!
Good video. I liked when the RSA guy essentially made the comment that RSA has the ability, unlike most companies, to know what was compromised. That's hilarious considering after they were initially breached they claimed SecurID was fine. Then after a couple of huge contractors for the gov got breached using SecurID they were like oh wait, no it's broken, everyone send in your dongles.
Threatpost needs to vet the stories better. Uri Rivner did not DO any of the work discussed nor was he even on the team at RSA that handled the attack.
Sad…
All this talk about spear-phishing and zero-day vulnerabilities is a diversion. RSA got their ass kicked here because they built a 100% software-based security system, therefore vulnerable to software-based attacks.
SecurID keys should never have been exposed to any software. They should have been protected by Hardware Security Modules (HSMs). Those modules must only expose the keys in encrypted form, under the key encryption keys loaded under triple-key-custodian manual controls.
Over the top? Hardly. It’s been standard practice in the financial sector for decades. This is how the master keys for credit card issuing are handled. RSA, as leaders in the security space, should have known this. IMHO, they’ve been negligent.
In addition, security-critical customers, such as defence contractors, should have been auditing their supplier’s security procedures and enforcing use of HSMs and proper security procedures. Again, that’s what banks do to their suppliers.
We understand that, but he’s the one that RSA has made available to discuss the limited details that they’re releasing.