(Reuters) - "Unknown hackers have broken into the security networks of Lockheed Martin Corp (LMT.N) and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. "
"They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's (EMC.N) RSA security division, said the person who was not authorized to publicly discuss the matter." Reuters
Here's another link to a similar story from the Taipei Times
So far the best countermeasures I've heard if you're an RSA shop are as follows:
ReplyDelete1) Email users after successful login and ask them to report any emails received if they have not been using the VPN service.
2) Introduce a third factor. A client side certificate.
3)Source IP and time/day analysis using GeoIP.
None of these solutions are foolproof and/or ideal. Thanks RSA for leaving us ALL with our pants down!