RSA is a security firm that provides a SecurID product used by 40 users. Basically they provide a token that is carried and provides a code that changes every 30-60 seconds that is also entered for a login. This way without the token logins should be secure. The problem is the seed and the algorithm for the tokens was stolen from RSA in a hack. This was used in the hack of Lockheed Martin.
It seems that RSA had poor security on their own network. I guess the idea of the cobblers children having no shoes.
The RSA Hack: How They Did It - NY Times
RSA finally comes clean: SecurID is compromised - Ars Tecnnica
No comments:
Post a Comment