While RSA Security, a division of EMC Corporation, is remaining silent about exactly what attackers got away with last month, the provider of SecurID authentication devices has released details about the nature of the breach.
RSA last month disclosed that it had suffered a sophisticated cyber-attack that extracted information about its two-factor SecurID authentication tokens. In RSA's official blog, the company detailed how targeted spear-phishing e-mails successfully lured one employee into opening an Excel file that exploited an Adobe Flash zero-day flaw to plant a backdoor.
Once on the employee's infected system, the attackers wove their way through RSA Security's internal network until they found what they sought: information about its SecurID authenticators.
That's all it takes to successfully violate one of the world's leading information security vendors.
The incident is reminiscent of a number of recent attacks widely known as Advanced Persistent Threats (APTs), including those against Google early last year and the operations launched against a number of unnamed energy companies described in McAfee's report Global Energy Cyberattacks: Night Dragon.
What does all this mean for the future of information security, and how can solution providers help customers better secure their systems from attack? Security specialists say it underscores the challenges ahead in protecting confidential and proprietary information, and that it calls not necessarily for new approaches to security, but for enterprises to be smarter and more effective at what they should already be doing.
"We work with some companies that have the best security controls in place, and they spend a significant amount of money on security, and yet they are targeted and their security defenses are regularly breached," says Robbie Higgins, VP of security services at Framingham, MA-based solutions provider GlassHouse Technologies, Inc. "These new attacks mean that more organizations need help tightening their existing security and risk management programs, and they need to fill any gaps they may have in place," Higgins says.