RSA SecurID

In an unfortunate series of events related to the RSA SecurID technology, reports are coming in that Lockheed Martin's networks have been broken into by unknown perpetrators.  Jim Finkle and Andrea Shalal-Esa broke an exclusive story and reached out to folks in the industry to get to the truth.

"They breached security systems designed to keep out intruders by creating duplicates to 'SecurID' electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter."

RSA's SecurID is a two-factor authentication system, this means the end user has two variables in the equation to gain authorized access:

  1. A password or PIN coupled with a username,
  2. The SecurID device, which generates a random number at a frequency of one per minute.

The network or service the end-user is authenticating into has the technology in place to identify a correct two-factor login.

Earlier this year there were reports of miscreants compromising the RSA SecurID infrastructure.  At the time it was unknown exactly what the compromise meant; however, worst case scenarios projected that the tokens could be duplicated by bad actors.

The Reuters article indicates that this may have happened in the attacks on Lockheed Martin and other US Defense Contractors.

We will monitor this story and follow-up with any developing news, as the impact of this SecurID compromise unfolds.

*Image courtesy of Harvard