Following recent cyberattacks against several defense contractors, in which hackers breached security using stolen SecurID keys, SecurID maker RSA is promising to replace the tokens for customers concerned about the vulnerability of their network data.
In an open letter to all SecurID customers, RSA Executive Chairman Art Coviello acknowledged that the likely motive behind the March theft of SecurID token information was to obtain defense secrets and related intellectual property. RSA specifically warned customers at the time that the theft could breach their security.
In late May, defense contractor Lockheed Martin revealed that it had been attacked by intruders who had created duplicates of the stolen SecurID keys. Incidents also occurred at L-3 Communications and Northrop Grumman. Security experts have told CNET that the attacks could be tied to cyberespionage campaigns waged from China.
A SecurID token generates a constantly changing series of numbers that employees of a company can use in combination with their own passwords to access their corporate networks.
Though unrelated to the SecurID incident, a wave of cyberattacks has recently hit other companies, including Epsilon, Sony, Google, PBS, and Nintendo, which Coviello said "point to a changing threat landscape and have heightened public awareness and customer concern."
In an effort to calm customers worried about their own security, Coviello said that although he remains confident in SecurID as an authentication system, RSA will expand its security efforts in two key ways:
It will replace the SecurID tokens for customers that need to protect their intellectual property and corporate networks, which in essence could apply to all of the company's customers.
It is offering to set up specific "risk-based authentication strategies" for customers with a large number of users who typically conduct online financial transactions.
Coviello is promising to work with customers to review their risk levels and user base to determine which option would be most effective and yet the least disruptive to their operations.
Beyond these measures, Coviello said that the company plans to continue to invest in its SecurID technology in an attempt to strengthen its authentication and its ability to detect "suspicious behavior targeted at networks, transactions and user sessions."