Defence giant L-3 Communications has become the second victim of an attempted hack attack that relied on the RSA SecurID hack that took place earlier this year. A leaked internal memo, obtained by Wired, said that L-3's Stratus group had been actively targeted with attacks based on "leveraging compromised information" from the …
"information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack"
More like RSA were p0wned completely but did not want to frighten the shareholders...
Anyone else talking?
They'd need a little more information...
You say: Armed with this information, an attacker would need only to obtain the PIN a user logs in with in order to gain the same rights to access sensitive information, highly valuable blueprints and more.
Well they would need to know the serial number of the keyfob that was given to a specific user wouldn't they? I cannot image that would be easy information to obtain. Then they would need that person's username and password which granted, are much easier to obtain through a remote attack.
If the miscreant hackers made off with a RSA database containing said serial numbers, won't it be easy for them to predict what's displayed on every keyfob? We don't know what they made off with as RSA isn't telling.
Getting the username would be as simple as planting a keylogger on the system, which is easy as pie, depending on your browser and how secure you keep your systems.
With access to username and the keyfob code sequence... all that's left to do is bruteforce the PIN/password. Once you have that, you're golden.
L3 should be a *major* account for RSA.
It'd be *incredible* that RSA did not give them more information about what has really been stolen.
Only it's starting to *look* as if RSA were cleaned out, *if* this and the Lockheed attack are linked to the RSA job.
OTOH if you want a paranoid conspiracy theory *somebody* wants to take over RSA and has created enough FUD for their share price to tank, making takeover fairly cheap. On completion RSA "discovers" that the hack was much less serious than thought and Lockheed and L3 discover the intrusion was from another source.
Confidence is returned, the RSA share price returns to normal and the new owners sell out, trousering a few $Bn.*
*Readers are reminded this is a *paranoid* conspiracy theory and in realty Occams razor works pretty well. I'd be looking for a big jump in the fortune of who ever is #2 in the business behind RSA.
RSA are wholly p0wned already
EMC bought them a year or two ago. And EMC is diversified enough that this isn't going to tank their stock price.
So your paranoid theories are not well founded.
They wouldnt need the serial number as they could work this out once they had monitored a user entering their pin + number as they could check which serial number provided that number at the specific time the user entered it.
Seems like RSA keys are pretty useless against the Chinese....