Two groups from the same country teamed up to launch a sophisticated attack against RSA Security's systems last March, EMC's security division said. Unspecified information gained during the attack paved the way towards an unsuccessful attack against a defence contractor (self-identified as Lockheed Martin), senior RSA execs …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Tuesday 11th October 2011 20:26 GMT Destroy All Monsters

"were looking for 'defence-related intellectual property'"

No.

"Intellectual Property" is stuff you want to sell, but not really, so that you can have the cake and eat it too.

This is stuff you don't want to sell. It's called "secrets". Like in "trade secrets" or "defense secrets".

0 2
Tuesday 11th October 2011 22:18 GMT Not That Andrew

Are they really saying that they still wouldn't know what had happened if they hadn't just bought Netwitness?

1 0
Tuesday 11th October 2011 22:22 GMT JimC

I'm begiining to wonder

Whether internet connected corporate networks have a future long term... Ultimately it seems that whilst you may stop the script kiddies and the less sophisticated crooks at the cost of a serious amount of time and money if someone big enough is determined to breach your security then they will succeed sooner or later... So where will we go? F off big caching systems at the border perhaps? I remember in the early days of net security when we had insufficient confidence in our ability to secure access into our network we used various means to cross the border host to host. Maybe those days might come back again... Not a happy thought...

0 0
1. Wednesday 12th October 2011 12:03 GMT Paul Crawford
  
  @I'm begiining to wonder
  
  The lesson is not a new one - keep your secrets off any internet-connected machines. Have two networks, one private for all important stuff, one public-facing for customer related activities.
  
  Old school physical entry or compromised staff are still ways of getting raided, but you no longer rely on the integrity of a billion lines of code written partly by low-cost code monkeys and peddled by vendors who are market focused (e.g. add features to sell new versions, rather than fixing problems).
  
  OK, this won't happen due to cost and convenience issues, but its not exactly rocket science to avoid internet attack vectors.
  
  0 0
  1. Friday 21st October 2011 12:19 GMT Tom 13
    
    Except that solution doesn't work either.
    
    It's too costly and inefficient. Even entities which try to implement that solution have been hacked. That's part of what Stuxnet was all about - bridging the air gap for the super-secure Iranian uranium processing plants.
    
    0 0
2. Wednesday 12th October 2011 16:02 GMT Anonymous Coward
  
  Caching systems...
  
  Thats just what NetWitness is - full packet capture, storage for months/years and the ability to interogate that data.... its awesome
  
  0 0
Tuesday 11th October 2011 22:30 GMT Redbaron

"However with the skill and degree of resources involved it could only have been a nation state."

I would suggest it could only have been anything but.

0 0
Wednesday 12th October 2011 13:25 GMT Field Marshal Von Krakenfart

Over reliance on the internet.

The problem is the over reliance on the internet as the transport medium, many years ago the only way I had to gain remote access was to dial a dedicated phone number, connect and sign-in. Once I had identified myself to the system I was disconnected and the system then rang me back to continue the session.

I not aware of any method to forge recipient phone numbers. I sure the system described above is still hackable but you need to physically tap the phone line first.

0 0
1. Friday 21st October 2011 12:19 GMT Tom 13
  
  That was a decent solution when the networks were separated.
  
  But these days even the phone companies are transforming the voice data in to ip packets and transferring them over the high speed backbones. And integrated telephony does make it possible to forge phone numbers. It's a brave new world out there. Best to have your IT MOP3 suit handy and keep it repaired.
  
  0 0