Top 10 Influential 2011: RSA's advanced persistent threat
While the repeated hacking of Sony's PlayStation Network service grabbed mainstream media attention this year, an even more surprising compromise was being played out with RSA's SecurID tokens, earning it a place in the Top 10 Influential list for 2011. The drama began on 18 March 2011 when security vendor RSA discovered it had been hit by an advanced persistent threat (APT) from an undisclosed nation state which took all the information stored on its SecurID tokens. These tokens are used on PCs, USB devices, phones and key fobs in many companies to provide an extra layer of security beyond a username and password for people logging into programs or networks. Two weeks later, US government contractor Lockheed Martin was reportedly forced to pull access to its virtual private network after hackers compromised the SecureID technology.
However, it was not just US based companies that were affected by the APT. Australian banks Westpac and ANZ announced in June that while there were no signs of compromise, a decision was made to replace all SecurID tokens in order to ease customers concerns. At the time Westpac would not say how many tokens were replaced but ANZ revealed it was re-issuing 50,000 new tokens to customers.
The story didn't end there as RSA came in for criticism from the international and Australian IT industry as details were slow in forthcoming, three months after the compromise took place. 2nd Phase founder, Campbell Bradford, questioned why RSA customers were waiting so long for replacement tokens. According to Bradford, Australian customers had invested in one of the most expensive systems on the market and had to "shell out" more expense recalling and redistributing tokens.