It’s the worst nightmare for a security company: having your systems hacked. But that’s exactly what has happened to EMC’s security subsidiary RSA – although, fortunately, the company spotted the attack and has taken measures to mitigate its effects.
In an open letter to customers, RSA’s executive chairman Arthur Coviello, writes: “Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems identified an extremely sophisticated cyber attack in progress being mounted against RSA.
“We took a variety of aggressive measures against the threat to protect our business and our customers, including further hardening of our IT infrastructure. We also immediately began an extensive investigation of the attack and are working closely with the appropriate authorities.”
Coviello says investigations have led the organisanisation to believe the attack is a type of Advanced Persistent Threat (APT), and that some information has been extracted from RSA's systems.
“Some of that information is specifically related to RSA's SecurID two-factor authentication products,” he writes. “While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.
“We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.”
Although the company is taking re-emptive precautions, Coviello says there is no evidence to suggest that customer security related to other RSA products has been similarly impacted.
“We are also confident that no other EMC products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident.
“Our first priority is to ensure the security of our customers and their trust. We are committed to applying all necessary resources to give our SecurID customers the tools, processes and support they require to strengthen the security of their IT systems in the face of this incident. Our full support will include a range of RSA and EMC internal resources as well as close engagement with our partner ecosystems and our customers' relevant partners.”