Cyber-attack on RSA by nation state groups

14/10/2011

Key US defence contractor RSA Security admitted yesterday that cyber-attacks on the company’s SecurID authentication tokens earlier this year can be traced to two nation state hacker groups. RSA’s executive chairman Art Coviello said: “There were two individual groups from one nation state, one supporting the other. One was very visible and one less so. We’ve not attributed it to a particular nation state, although we’re very confident that with the skill, sophistication and resources involved it could only have been a nation state.”

 

The company explained that despite its relatively simple conception – the exploit used an Excel spreadsheet with an embedded malicious software –, the attack had to be considered as very sophisticated and efficient. RSA however highlighted that no customers’ networks were breached as a result of the SecurID data stolen while the attack had clearly been aimed to stealing military contractors’ data and Lockheed Martin had suffered a cyber-attack based on some of the stolen data.

 

The SDA recently launched a cyber-security initiative, featuring EU Commissioner for Home Affairs Cecilia Malmström in an evening debate on November 9th.