RSA SecurID Attack May Have Also Struck U.S. Defense Orgs

Attackers behind March’s RSA SecurID attack apparently used the same method to try to infiltrate two U.S. national security organizations according to data recently made public by file checking site VirusTotal.

SecurID tokenAttackers behind March’s RSA SecurID attack apparently used the same method to try to infiltrate two U.S. national security organizations according to data recently made public by file checking site VirusTotal.

Per an IDG News Service story, the malicious Flash-laden Excel spreadsheet was uploaded to VirusTotal 16 times by 15 different sources between first hitting RSA and after the attack was publicly disclosed by RSA in mid-March.

According to the article, VirusTotal’s founder, Bernardo Quintero claims that two of the targets were organizations related to U.S. national security, yet because of the site’s inherent anonymity, he can’t divulge who exactly uploaded the tainted Excel documents.

Many have speculated that the attack on RSA, a division of EMC, eventually led to the compromise of Lockheed Martin, Northrup Grumman and L-3 Communications.

For more on this, read IDG News’ take.

Suggested articles

RSA conference 2019

RSA Conference 2019 Recap

From privacy to patches, Threatpost editors discuss the biggest infosec news and trends that they saw this week at RSA Conference 2019.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.