EMC Foots $66 Million Bill For RSA Attack

EMC Corporation announced via an earnings call Tuesday that it
spent $66 million during the second quarter on its security firm division RSA to
recover from a cyberattack that compromised their SecurID product in March,
according to a post on the Washington Post’s Post Tech blog.

Executives at U.S. defense contractor L-3 Communications warned employees in April about an attempt by unknown assailants to compromise the company’s network using forged SECURID tokens from RSA. The report, if accurate would be the second attack on a leading defense contractor with links back to a high-profile hack at RSA Security, the security division of EMC Corp. in March.

UPDATE: Call it ‘dancing with the girl that brought ‘ya,’: two weeks after it disclosed a serious security breach at its RSA Security Division, tech firm EMC said it was buying NetWitness, a threat analysis firm that helped it detect the breach in the first place.

RSA, the security division of EMC Corp. has warned customers to be on the lookout for targeted attacks, including suspicious messages and links sent over social media networks in the wake of a sophisticated attack that spilled confidential information about the workings of the company’s SecurID strong authentication product.

RSA Security, a division of EMC Corp. has admitted that it was the victim of a sophisticated attack that resulted in the theft of secrets related to its SecurID two-factor authentication product.

From GCN (William Jackson)
The rapidly evolving collaborative information infrastructure offers developers an opportunity to create true security by building it into information technology systems, said Arthur Coviello, president of RSA, EMC’s security division. “We are at a critical inflexion point” created by the rapid adoption of new technologies such as virtualization, cloud computing, and collaborative Web 2.0 tools and applications, Coviello said today during his keynote address at the RSA Conference.
He also called on the security community to create an ecosystem in which a common set of design standards governs the development of security tools. Read the full story [gcn.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.