Overclock.net › Forums › Industry News › Technology and Science News › [Darkreading] RSA offers SecureID recall
New Posts  All Forums:Forum Nav:

[Darkreading] RSA offers SecureID recall

post #1 of 16
Thread Starter 
Quote:
Lockheed Martin and RSA today each separately confirmed that the breach that compromised RSA's SecurID authentication technology helped lead to the recent targeted attack aimed at the defense contractor. And RSA late today said it will offer to replace its customers' SecurID tokens.

RSA executive chairman Art Coviello said in an open letter on EMC RSA's website that the company would offer to replace SecurID tokens for "customers with concentrated user bases typically focused on protecting intellectual property and corporate networks" and provide "risk-based authentication strategies for consumer-focused customers with a large, dispersed user base, typically focused on protecting web-based financial transactions."

Source
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #2 of 16
Yeah, they should have done this as soon as the secure keys were stolen, took a big profile break in with them to get it though. tongue.gif
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
Dynamix
(15 items)
 
  
CPUMotherboardGraphicsRAM
i7-860 Gigabyte GA-P55A-UD4P Radeon 7970 Corsair Domintor Twins + Other = 16 Gb 
Hard DriveHard DriveOptical DriveCooling
WD Caviar Black, 500gb OCZ Solid 3 Sony Optiarc Corsair H50 
OSMonitorKeyboardPower
Windows 7 Ultimate Samsung P2570HD + Other Logitech G110 Corsair 750W HX 
CaseMouse
Antec p183 Logitech MX Revolution 
  hide details  
Reply
post #3 of 16
Quote:
Originally Posted by Zen00;13782818 
Yeah, they should have done this as soon as the secure keys were stolen, took a big profile break in with them to get it though. tongue.gif

True but, at least they're doing it across the board...
post #4 of 16
Quote:
Originally Posted by Masked;13782834 
True but, at least they're doing it across the board...

From the wording in their release, the "recall" will only apply to a select few corporates that have intellectual property to secure - all their other customers are SOL...
post #5 of 16
Quote:
Originally Posted by EvanPitts;13782987 
From the wording in their release, the "recall" will only apply to a select few corporates that have intellectual property to secure - all their other customers are SOL...
Probably not.

If any company gets breached due to the RSA leak, they would go and sue RSA since the company is fully aware that there is an issue. The issue is big enough to warrant a partial recall so it would be an easy case.

Besides, the cost of issuing new tags would probably be a few million but the cost of litigation, damages, and PR could easily be much more.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #6 of 16
Thread Starter 
Quote:
Originally Posted by DuckieHo;13783021 
Probably not.

If any company gets breached due to the RSA leak, they would go and sue RSA since the company is fully aware that there is an issue. The issue is big enough to warrant a partial recall so it would be an easy case.

Besides, the cost of issuing new tags would probably be a few million but the cost of litigation, damages, and PR could easily be much more.

Exactly.

Each token is about $10-$15 each, so the cost to replace a couple million isn't too bad, especially considering the cost the defense contractors could sue for when "some one" steals their weapons designs.
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #7 of 16
Quote:
Originally Posted by EvanPitts;13782987 
From the wording in their release, the "recall" will only apply to a select few corporates that have intellectual property to secure - all their other customers are SOL...

I'm not sure about that, though the article is sufficiently vague:
Quote:
Originally Posted by source 
Coviello elaborated on the token recall, saying that RSA will offer token replacements "for virtually every customer we have" and offer transaction monitoring and intrusion detection for its customers—namely financial institutions, according to the article.

I like how they used "virtually every customer we have" but then go on to specify that it's mostly financial institutions... My company uses RSA for our VPN--we're not that big, maybe 5000 people worldwide, but we're not a financial institution. Wonder if we're included in the "virtually every customer" vocabulary.
    
CPUMotherboardGraphicsRAM
i5-2500K Biostar TP67B+ XFX HD5750 1GB 2x4GB DDR3 Corsair 1600 
Hard DriveOSMonitorPower
60GB OCZ SSD, 2x160GB HDD RAID0, 500GB+500GB+1.5TB Windows 7 Ultimate 64-bit Samsung SyncMaster 930B Antec SmartPower 450w 
Case
Antec 900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-2500K Biostar TP67B+ XFX HD5750 1GB 2x4GB DDR3 Corsair 1600 
Hard DriveOSMonitorPower
60GB OCZ SSD, 2x160GB HDD RAID0, 500GB+500GB+1.5TB Windows 7 Ultimate 64-bit Samsung SyncMaster 930B Antec SmartPower 450w 
Case
Antec 900 
  hide details  
Reply
post #8 of 16
Thread Starter 
Quote:
Originally Posted by guyladouche;13783063 

I like how they used "virtually every customer we have" but then go on to specify that it's mostly financial institutions... My company uses RSA for our VPN--we're not that big, maybe 5000 people worldwide, but we're not a financial institution. Wonder if we're included in the "virtually every customer" vocabulary.

I'd bet you guys would be able to.

If you are a 100 person company then maybe not, but if you are a couple thousand person company or a government institution, then you probably can. My organization isn't very big, but we might just insist on token replacement to be sure.
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
post #9 of 16
Quote:
Originally Posted by guyladouche;13783063 
I'm not sure about that, though the article is sufficiently vague:



I like how they used "virtually every customer we have" but then go on to specify that it's mostly financial institutions... My company uses RSA for our VPN--we're not that big, maybe 5000 people worldwide, but we're not a financial institution. Wonder if we're included in the "virtually every customer" vocabulary.
Just tell them, that your IT reported suspicious activity..... so GIVE US NEW TOKENS!
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #10 of 16
Thread Starter 
Quote:
Originally Posted by DuckieHo;13783289 
Just tell them, that your IT reported suspicious activity..... so GIVE US NEW TOKENS!

Haha, perfect!
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
C2D T7100 1.8 ghz (undervolted) ummm... Dell Intel X3100 2 x 1gb 667mhz 
Hard DriveOptical DriveOSMonitor
Fujitsu 7200 RPM 120gb CD-RW/DVD dual boot Vista business 1440x900 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [Darkreading] RSA offers SecureID recall