Hackers tackle secure ID tokens Skip to main content

Hackers tackle secure ID tokens

SecurID token, RSA The SecurID tokens are widely used to grant access to sensitive information

Related Stories

Hackers have stolen data about the security tokens used by millions of people to protect access to bank accounts and corporate networks.
RSA Security told customers about the "extremely sophisticated cyber attack" in an open letter posted online.
The company is providing "immediate remediation" advice to customers to limit the impact of the theft
It also recommended customers take steps, such as hardening password policies, to help protect themselves.
Proof positive In the open letter, written by RSA boss Art Coviello, the company said that the data stolen would not help a "direct" attack on the the SecurID tokens.
It did not disclose exactly what had been purloined and only said that the information "specifically related to RSA's SecurID two-factor authentication products".
RSA's SecurID tokens are used by millions of people alongside passwords to beef up security.
As its name suggests, two-factor authentication involves improving security using two methods of identifying a user. The first factor is usually the traditional login ID and password combination.
The second factor can be a SecurID token that is paired with back-end software that generates a new six digit number every minute.
A token paired with this software generates the same numbers so only the holder will be able to type in the right digits and get access.
RSA said the information stolen could reduce the effectiveness of this two-factor authentication system if a company came under a broader attack by malicious hackers.
This could potentially put a lot of people at risk as RSA claims to have millions of people using its security technology to secure online accounts and access to corporate systems.
RSA recommended that firms monitor social network sites to spot if hackers were trying to capitalise on what they now know about RSA's systems.
This could be because hackers have got information about who has which token and might try to exploit that to trick employees into giving them access.
RSA also recommended reminding users about the dangers of responding to suspicious e-mails, to limit who can access critical infrastructure systems and to reinforce all policies surrounding SecurID token use.
There could be "tremendous repercussions" if criminals piggy-backed on what they know to stealthily get at corporate and other critical systems, said Richard Stiennon, chief research analyst at security firm IT-Harvest.
"You'd never have a sign that you've been breached," he said.

http://www.bbc.co.uk/news/technology-12784491
Labels:

Comments

Post a Comment

Popular posts from this blog

Sri Bhaddanta Chandramani Mahathera

The Life Story of A Distinguished And Outstanding Bhikkhu The Most Venerable Saradawpharagree Sri Bhaddanta Chandramani Mahathera The Buddhist missionary Saradaw Ashin U Chandramani was endowed with great gifts and led a famous and long life. He was a very well known, distinguished and outstanding Bhikkhu Mahathera. While living in the Kushinagar Monastery, a place close to where the Lord Buddha had passed away to Nirvana, the Government of India had offered, and he had accepted, the highest, most honourable and respected title "Guru Guru MahaGuru". He became the first ever President of all Buddhists in India.A World Buddhist Conference took place in Kathmandu during the reign of King Mahindra of Nepal. The Conference was very well attended by over one hundred thousand Buddhists from various parts of the world and it was opened by King Mahindra himself. As requested by the King, Saradawpharagree blessed all the participants with the power of Triple Gems...
Post a Comment
Read more

Thai penis whitening trend raises eyebrows

Image copyright LELUXHOSPITAL Image caption Authorities warn the procedure could be quite painful A supposed trend of penis whitening has captivated Thailand in recent days and left it asking if the country's beauty industry is taking things too far. Skin whitening is nothing new in many Asian countries, where darker skin is often associated with outdoor labour, therefore, being poorer. But even so, when a clip of a clinic's latest intriguing procedure was posted online, it quickly went viral. Thailand's health ministry has since issued a warning over the procedure. The BBC Thai service spoke to one patient who had undergone the treatment, who told them: "I wanted to feel more confident in my swimming briefs". The 30-year-old said his first session of several was two months ago, and he had since seen a definite change in the shade. 'What for?' The original Facebook post from the clinic offering the treatment, which uses lasers to break do...
1 comment
Read more

Father of Kao Tao murders suspect requests chance to talk to his son

Migrant worker's father in Rakhine State says he wants to talk to his son. Suspect Win Zaw Htun, in red shirt, sits with suspect Zaw Lin, centre, during a police "re-enactment" of the murder of two British tourists on a beach on Koh Tao, Thailand October 3. Photo: AFP/Thai Police   The murder of two British tourists on a beach in Thailand has caught media attention from around the world. With the focus now on the two Myanmar migrant workers charged with murder, Mizzima talked by phone October 8 to U Tun Tun Hteik, the father of Win Zaw Htun, 21, one of the two suspects. The father lives in Kapi village, Kyaukphyu Township in Rakhine state. Britons Hannah Witheridge, 23, and David Miller, 24, were murdered on a beach on the Thai island of Kao Tao, 410 kilometres south of Bangkok on September 15. Controversy surrounds the efforts by the Thai authorities to solve the case, with the Thai govern...
Post a Comment
Read more