Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime Encryption Security IT

RSA's Servers Hacked 172

Khopesh writes "EMC subsidiary RSA was the victim of 'an extremely sophisticated cyber attack' which resulted in the possible theft of the two-factor code used by their SecurID products." The Boston Herald has a short article on the intrusion. Update: 03/17 23:54 GMT by T : Reader rmogull adds "With all the hype that's sure the explode over this one, we decided to do a quick write-up to separate fact from speculation."
This discussion has been archived. No new comments can be posted.

RSA's Servers Hacked

Comments Filter:
  • Ouch (Score:4, Insightful)

    by the linux geek ( 799780 ) on Thursday March 17, 2011 @06:51PM (#35524284)
    These guys aren't like HBGary - RSA basically invented huge portions of modern cryptography. I'm interested in seeing the specifics on how this happened.
    • Re:Ouch (Score:5, Funny)

      by dAzED1 ( 33635 ) on Thursday March 17, 2011 @06:54PM (#35524318) Journal
      likely a soft hack. Insider, or simply seducing an engineer with a cute girl.
    • by vux984 ( 928602 )

      Meh, I'm still unconvinced that the "extremely sophisticated attack" might be code for the "login to the company vpn was the same as his dog's name, which he posted on facebook..."

      Or maybe a secretary who knew the passwords to the system got bribed...

      An "Advanced Persistent Threat" really doesn't mean much when you break it down.

      Most security breaches aren't all that sophisticated technically, and I'm cynical that they are making it sound much more impressive than it really was to try and preserve their cre

      • Meh, I'm still unconvinced that the "extremely sophisticated attack"

        That used to be a good assumption to make until the steps required to manufacture the stuxnet worm were revealed [arstechnica.com].

        The penetrator likely has eyes on a very specific secondary target, and grabbing this information was a preliminary step.. Imagine the resources that could have been applied. I'm betting physical access was required at RSA.

        Seth

        • by vux984 ( 928602 )

          I actually agree on both your points (that rsa was a preliminary target, and that physical access was required...). But that doesn't make it a sophisticated attack.

          Indeed the fact that physical access was probably required points directly towards a low tech attach involving some old fashioned "social engineering".

      • Does this mean I need a new authenticator for my WoW account? Crap. Those guys over at SusanExpress (free keylogger with every purchase!) must really be sophisticated now, that they have the elliptical functions needed to generate my RSA code in real time. And me with 4 level 85's to feed...
    • But do Ron Rivest, Adi Shamir, and Len Adleman have anything to do with RSA the company nowdays? I know they invented some algorithms which bare the name RSA, but that doesn't mean they have (or ever had) anything to do with the day to day operations of RSA the company.

      • Well, they founded it. That kind of involves involvement with the day-to-day ops.
        • by msauve ( 701917 )
          So, by your definition, Henry Ford is still involved with day-to-day operations of the Ford Motor Company?
          • MrEricSir said "doesn't mean they have (or ever had) anything to do with the day to day operations." Ford did indeed have things to do with the day-to-day operations of Ford Motor at one point.
          • by jd ( 1658 )

            That explains the zombies.

          • by swb ( 14022 )

            Henry was actually the defacto leader of the company well into the 1930s, more than 30 years after the founding of Ford.

            Thus, by your logic, it makes sense that R, S, & A would be involved in RSA's business.

      • But do Ron Rivest, Adi Shamir, and Len Adleman have anything to do with RSA the company nowdays? I know they invented some algorithms which bare the name RSA, but that doesn't mean they have (or ever had) anything to do with the day to day operations of RSA the company.

        How do the algorithms created by RSA's founders expose RSA?

    • Re: (Score:3, Insightful)

      by dfcamara ( 1268174 )
      Hacking systems very rarely involves breaking cryptography. It's bad reputation for their sys admins but not so for their cryptography experts.
    • Probably some student on an internship, added a usb key to the drive which compromised the machine, which propagated, then sent a signal to the cc and was sent back another bit of code to bypass firewalls altogether and get downloads happening. Other then that, it is impossible (properly configured)....to burn unto a cd or download unto a usbkey from their pcs over there. So how do you getthe files there, they have been alll but blocked off from the internet with firewalls, so someone from the inside had to

  • by pedantic bore ( 740196 ) on Thursday March 17, 2011 @06:57PM (#35524346)

    I can imagine how this is going to play out when the IT folks at my company find out about this. They'll panic, revoke all the SecureID cards, and then no more working from home until something much more complicated, unreliable, and probably requiring Windows7 is found to replace it.

    Crap!

    • Re:Crap, crap, crap (Score:5, Informative)

      by Anonymous Coward on Thursday March 17, 2011 @07:15PM (#35524522)

      Are you talking about SecurID smartcards? If so then the hackers wouldn't have any advantage against those. Those use standard PKI and the private key is protected in hardware on each person's specific card.

      What got stolen was the code used in those SecurID tokens. You know those key-fob things that stay in sync based on time and generate a new token every x number of seconds. However, even if the hackers got the algorithms for how that works it still wouldn't help them because the algorithm again uses a set of private data (keys) for each installation. The hackers would have to get that data along with the algorithm they presumably have now.

      In short, this probably means that security will be unaffected. The only difference is now some people know exactly how the time based key fobs work. Which you could figure out anyway if you disassembled the RSA server software. Pretty much what RSA said.

      • by Shikaku ( 1129753 ) on Thursday March 17, 2011 @07:20PM (#35524560)

        Explain that to his manager.

        I'll bet $1337 that GP's scenario will occur anyway.

      • by znerk ( 1162519 )

        What got stolen was the code used in those SecurID tokens. You know those key-fob things that stay in sync based on time and generate a new token every x number of seconds.

        It's a conspiracy to hack my WoW account!

      • by makomk ( 752139 )

        What got stolen was the code used in those SecurID tokens. You know those key-fob things that stay in sync based on time and generate a new token every x number of seconds. However, even if the hackers got the algorithms for how that works it still wouldn't help them because the algorithm again uses a set of private data (keys) for each installation.

        The original SecurID algorithm was actually leaked years ago thanks to someone reverse-engineering one of their soft tokens, and emulators for it that can be used if you have the appropriate per-token key are already publicly available. If RSA feel the need to post a press release now, they must be worried something further has happened. Bear in mind that the shared secret is generated and loaded onto the token prior to shipping by a department within RSA - customers can't load their own key material on - s

        • by Rich0 ( 548339 )

          Of course, the solution to this is to just randomly generate all the keys as pairs, load one key onto the fob, and the other key into a database for dissemination. The private key doesn't get retained at all, and should not be generated in a deterministic fashion.

          Ideally the fob generates both and exports the public key so that the private one never leaves the chip it originated on.

          If that process is followed then getting the contents of every hard drive owned by RSA doesn't let you compromise a single fob

      • "You know those key-fob things that stay in sync"

        Oh, are they suposed to stay in sync? I thought the regular drift was a 'security feature'

        (Meh - we use Yubikeys: http://www.yubico.com/yubikey [yubico.com])

      • by galego ( 110613 )

        >> However, even if the hackers got the algorithms for how that works it still wouldn't help them because the algorithm again uses a set of private data (keys) for each installation. The hackers would have to get that data along with the algorithm they presumably have now.

        True enough ... but people do dumb/lazy/forgetful things with key files all the time. They have to traverse it from one server to another etc. and leave a copy on a desktop, file share or the like (they intended to delete it when th

    • by ildon ( 413912 )

      The real question on everyone's mind: Is my WoW authenticator safe????

  • RSA (Score:2, Redundant)

    by MarkRose ( 820682 )

    Real Secure? Ahahaha

  • by leapis ( 89780 ) on Thursday March 17, 2011 @07:11PM (#35524494)

    They didn't have a two factor authentication process around accessing their source code.

    • by abulafia ( 7826 )
      That was my first thought.

      Probably a simpler attack than that, but still a pretty fucking serious hit for a company/brand that depends on rep as much as RSA does.

    • by jd ( 1658 )

      Likely. The most common cyber-attack is via social engineering, but social engineering is only effective if there's a single point of failure that can be attacked.

      • by lgw ( 121541 )

        Social engineering can be effective against systems with multiple redundant safeguards - it just takes multiple successful attacks. Fool enough of the people enough of the time, and they'll unlock any door you need unlocked.

  • ... pass the popcorn. This might get interesting. ^_^

    • by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Thursday March 17, 2011 @08:26PM (#35525136) Homepage Journal

      I doubt it. The McEliese cryptosystem [technologyreview.com] from 1978 is immune to attack even by quantum computers, whereas current quantum cryptography has already been broken and can be sampled without detection (if the sample rate is about the same as the noise in the system), but highly secure facilities are investing in QC, not McEliese. Why? Because nobody really cares that much, not at that level. Once you pass a certain point, people become far more vulnerable than technology, so improving the technology won't help security. All it might do is attract funding, which is why QC is so good - fully buzzword-compliant - and old tech that's superior is bad.

      • So you're all out of buttered popcorn then??

      • McEliese isn't "immune to attack even by quantum computers," it's immune to one specific form of quantum cryptanalysis.

      • by iris-n ( 1276146 ) on Thursday March 17, 2011 @10:37PM (#35525918)

        Oh come on!

        This is so wrong that I can't believe you're not malicious.

        As your own article admits, there's nothing that stops a quantum algorithm that breaks McEliese being invented tomorrow. There's not even evidence that such an algorithm is unlikely to exist. That's why McEliese is worthless and nobody pays attention to it.

        When you say QC has been broken, you're probably referring to the implementation of BB84 by IdQuantique that was broken by the norwegian quantum hackers. They themselves say that QC is not broken: http://www.iet.ntnu.no/groups/optics/qcr/ [iet.ntnu.no]

        It was only a particular implementation that was broken, not even a particular protocol. That's because it can't be broken. Of course there is not such a thing as perfect security, but BB84 (and other protocols) is based on sound principles, and we have numerous proofs (yes, mathematical proofs) of security for various scenarios.

        • Ahh, sweet nerdishness returns; that forum of high geekery that was the Slashdot of yore has returned.

          Welcome back, facts.

        • by jd ( 1658 )

          Given that no flaw in the algorithm is known and that the strength increases more rapidly with key length than standard pki (also in the article), there is substantial evidence that no such algorithm will exist (as the article also states).

          • by iris-n ( 1276146 )

            What I call evidence is information-theoretical evidence. For example, if there's a quantum algorithm for breaking McEliese then P = NP. That's not true, because McEliese is not NP-Complete. But if it were, it would be a very strong evidence indeed.

            Currently, we can not prove any classical cryptosystem secure, because we haven't proved that P != NP; that's way everybody accepts just good evidence.

        • MitM breaks QC, always will ... no matter how many assumptions are added to the contrary.

          • by Haeleth ( 414428 )

            Um, surely the whole point of QC is that it is not vulnerable to MitM, because you can't intercept the key exchange without changing it?

            Please explain why I should believe a random Slashdotter on this, rather than the legions of physicists and mathematicians who have published peer-reviewed academic papers that disagree with you.

            • The MitM doesn't intercept the key exchange, the MitM will be the opposing partner for key exchange to both Bob and Alice (pretending to be the other). That's why he is the man in the middle. He cuts the lines (QC has two communication channels) and builds two complete circuits instead of one. To "prevent" this from happening QC protocols begin with the assumption that there is an authenticated plain text channel (or broadcast without the potential for a MitM, but that won't be technically feasible most of

          • by iris-n ( 1276146 )

            Could you please expand on that?

            MitM is exactly what QC is designed to withstand; in a nutshell the attacker can't gain information about the message without also destroying it, because of fundamental properties of quantum measurement. And no, he can't learn the message and then retransmit it.

        • Of course there is not such a thing as perfect security...

          I guess that depends on what your definition of perfect security includes. I consider OTPs to be perfect security. Without the key it is simply not possible, even with brute force, to determine the correct cleartext from any given ciphertext. Every possible cleartext with the same length is equally likely.

      • >> Once you pass a certain point, people become far more vulnerable than technology, so improving the technology won't help security.

        BINGO!!

  • time for new laws! (Score:4, Insightful)

    by swell ( 195815 ) <jabberwock@poetic.com> on Thursday March 17, 2011 @07:17PM (#35524532)

    This is just the opening that lawmakers need to promote panic and obliterate resistance to their 'protective legislation', which will surely be filled with special interest items buried in legalese.

    • Re: (Score:2, Funny)

      Quick! Flip the internet kill switch!!!!
    • by jd ( 1658 )

      It's doubtful any new law could be passed given the current paralysis (especially as the Tea Party can't make any money off an Internet law), but I'd have no objection to a law mandating strong crypto be used for all traffic on the Internet, where "strong" should be defined in relative terms so that it's never obsoleted as technology progresses.

  • Accessing the source code wouldn't be helpful, see http://en.wikipedia.org/wiki/HOTP [wikipedia.org]

    What would be dangerous is if they stole the serial# secret initializer mapping, or the key to decode the mapping if it is algorithmic. Then you can reproduce any key with just its public serial #.

    • by hAckz0r ( 989977 )
      My belief the danger is if the hackers get a chance for a man-in-the-middle attack they can do deep packet inspection of the SSL wrapped authentication session and grab the key-fob one time pad, put that into their magic decoder ring database generated from the source algorithm and then guess the next sequence to be generated. They may have to snoop several sessions to guess the seed used inside the fob, but with today's cloud computing throughput it seems doable to me. Once they have the seed and the curre
    • What would be dangerous is if they stole the serial# secret initializer mapping, or the key to decode the mapping if it is algorithmic.

      Or discovered a flaw in the implementation.

      • by makomk ( 752139 )

        Or, more interestingly, a flaw in the dongle hardware itself. The initial version of the SecurID dongle used an unspecified 4-bit calculator microprocessor, probably built on a fairly ancient process with nice big features and not exactly designed for security. They were basically relying on security by obscurity, hoping that no-one could figure out enough about the unusual microcontroller to be able to extract the code and keys from it. The newer version created after they depleted their supply of the orig

  • by Drakino ( 10965 ) on Thursday March 17, 2011 @07:32PM (#35524666) Journal

    Would be nice if more stories here included a non hyped, rational explanation of the situation. Definitely appreciated the writeup from securosis.

    The recent Android browser vs iOS browser test could have used one, since the test was flawed, and there is a rational explanation for the difference between Mobile Safari and 3rd party apps tapping WebKit.

    Same for all the hyped stories out of Japan causing people to run for iodine tablets on the west coast of the US.

    In general I've become so skeptical of anything these days due to the echo chamber of the internet bouncing around hyped, panicked stories with no followup.

    • by ZDRuX ( 1010435 )
      Oh ok, so I guess the Surgeon General saying you should buy Iodide pills as a precaution is baloney and he's nothing but a big conspiracy theorist. The story [nbcbayarea.com]
      • by 1729 ( 581437 )

        Oh ok, so I guess the Surgeon General saying you should buy Iodide pills as a precaution is baloney and he's nothing but a big conspiracy theorist.

        Yes, it's baloney, though I doubt she is a conspiracy theorist.

        • by ZDRuX ( 1010435 )

          Yes, it's baloney, though I doubt..

          Really? That's it?!.. This is your entire argument? Basically whatever I say is true because I said so... so there! Really, no effort at all put into any sort of coherent counter argument.

          I guess the fact that nuclear fall out from Chernobyl made to it the U.S. and Canada in about 11 (ref 3) days and covered almost all of Europe totally escaped you (ref 1). Or the fact that grains of sand from the Mongolian deserts make it over to the U.S. each year even though it

      • by Drakino ( 10965 )

        For California residents near the two nuclear plants (of which I am), it makes sense as a precaution. Flyers were even sent in the mail about it last spring, offering free tablets to stash in emergency kits. But this is all for being prepared in case of a local disaster, not one hundreds of miles across a vast ocean.

        Something tells me the surgeon general hasn't been properly briefed on the situation, especially considering her comments about being unaware that people are stocking up. Yes, it's bad, but i

      • No, she's not a conspiracy theorist, but she sounds surprised by the question and obviously she'd emphasize more medical preparedness, despite the downside of causing a panic.

      • by gpuk ( 712102 )

        Yes, it appears to be baloney.

        Suggest you have a read of this:

        http://www.theregister.co.uk/2011/03/14/fukushiima_analysis/ [theregister.co.uk]

    • Fear is good for business. I'm not advocating this is a good thing, however.

      In the recent nuclear accident caused by Japan's tsunami, iodine tablet sales soared as you said. War brings up the sales of weapons obviously, both government and consumer (home defense and all that). Fear of robbery/previous example also aids business for security systems. Swine flu tanked pork prices; OK, that wasn't good for businesses but even swine flu infected pork was safe if cooked to FDA standards, and boy did I enjoy

    • The Internet has an echo chamber? Can you imagine how loud it will get in here with all of the people on the Internet?! I'm running to the store to get ear plus right now before I suffer irreparable damage! I advise all concerned Internet citizens to head to your local stores for earplugs as we work together to avert this crisis of international proportions, lest we face the case where all of our heads explode as the sound becomes more than we can take.

      And, above all, remain calm.

    • by weicco ( 645927 )

      people to run for iodine tablets on the west coast of the US.

      Well, I could (almost) understand people's worry on west coast of the US but people are hoarding iodine tablets here in Finland too! Pharmacies have already sold their stocks.

    • In general I've become so skeptical of anything these days due to the echo chamber of the internet bouncing around hyped, panicked stories with no followup.

      I keep hearing about that thing, but I don't believe it really exists.
  • by Konster ( 252488 )

    From one of the links,

    "RSA states they are communicating directly with customers with hardening advise."

    LOL@that. What's their advice? To call 916.459.4727 and set up an appointment?

  • I was expecting a better job from securosis, but then, the first paragraph got right into speculation:

    According to the announcement, RSA was breached in an APT attack (we don’t know if they mean China, but that’s well within the realm of possibility) and material related to the SecureID product was stolen.

    I stopped reading right there.

    • by jd ( 1658 )

      At the moment, my bet is that RSA are sitting very tight on the facts and a press statement of "RSA said that they were hacked" would not make for much of an article.

  • Argument (Score:3, Insightful)

    by DaMattster ( 977781 ) on Thursday March 17, 2011 @08:06PM (#35524954)
    This is precisely why security products should be open sourced. The fact that RSA was compromised and some data (potentially alogrithms) on the RSASecureID was obtained, nullifies any F.U.D. that open source is less secure. If these algorithms had been out in the open, there would be no reason to panic because the development community would have access to the very source code and vulnerabilities addressed rapidly. Now the intruders have the keys to the castle and the only entity that can address the ensuing vulnerabilty is EMC.
    • While I agree with your argument that scrutiny of algorithms leads to better security, the issue here is that private seeds may have been obtained by those who broke into the systems. Even in an open source security scenario, there still has to be private information (such as the private keys used for signing).
  • China is behind this one too. They have been relentless lately when it comes to espionage. Corporate etc.
    • China is behind this one too.

      Prior Chinese attacks against USU governments, corporations and infrastrusture have been covered up or downplayed. The US government doesn't want to offend the Chinese. The US Corporations don't want to lose the Chinese markets. There is a little talk now and then, but it is regarded as isolated incidents. Even Google's loud public protests and the later WikiLeaks disclosures keep being downplayed as unimportant past history.

      At my institution, the attacks have been unending. A week-long break around the 20t

      • Even if they wanted to stop, you can't just lay them off. They need to eat. They have a marketable skill. They are going to attack something.

        Or they can write books about cyber attacks and make a fortune?

        Disposing of nukes will be easy compared to disposing of intelligent, talented, skilled destroyers of IT.

        If you write the title for every slashdot article, the readsership would double in no time.

  • RSA states they are communicating directly with customers with hardening advise.

    How do they know they're communicating directly with their customers? They're giving advice to someone, and their customers are receiving advice from someone, but ...

  • "EMC cyber subsidiary RSA was the cyber victim of 'an extremely sophisticated cyber attack' which cyber resulted in the possible cyber theft of the two-factor cyber code used by their cyber SecurID cyber products."

    "Cyber" makes things sound more cool

  • Here's a conspiracy theory:

    These attackers might have a more significant zero-day vulnerability at their disposal than the SecureID system. They might have used that to breach RSA. But with this other vulnerability available for their private use, the greatest risk is that it will be discovered by victims and rendered obsolete. Now that SecureID has been compromised in some ambiguous way, it allows the attackers to ply their original vulnerability against RSA customers with SecureID being the assumed entry-point.

    It is a theory.

    Seth
  • You mean someone opened an email attachment on their Windows computer?

  • Here's the email RSA sent out to actual customers yesterday:

    [header removed]
    Subject: RSA, the Security Division of EMC, urges critical actions for SecurID installations

    Dear RSA SecurCare® Online Customer,

    Summary:

    We have determined that a recent attack on RSA’s systems has resulted in certain information being extracted from RSA’s systems that relates to RSA’s SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Working...