|A Northrop Grumman E-2C Hawkeye 2000 surveillance and reconnaisance plane lands on a carrier.|
In a story recently released by Fox (http://www.foxnews.com/scitech/2011/05/31/northrop-grumman-hit-cyber-attack-source-says/) we see that Northrup Grumman was also compromised via remote access. We can chalk this up to yet another compromise as a result of the intrusion at RSA where the secret sauce was stolen. I wonder if any of these companies are going to go after EMC/RSA for damages?
The article is fairly vague (surprise), but it looks as though the "bad guys" were able to get in. That is unless somebody just accidentally tripped over the cable for the remote access network.
Knowing that implementing SecureID in an environment requires binding user account to a token and issuing the token to the user for use, we can deduce one of two things if these attacks were in fact assisted by information heisted in the RSA compromise:ReplyDelete
1) There is a master access ability built into SecureID not requiring knowledge of the token/user binding
2) Prior knowledge of the token/user binding was already in possession of the attacker.
Am I wrong?