preview

Cyber Attack on RSA Security LLC

Good Essays
CYBER ATTACK ON RSA

1. BREACH:
RSA Security LLC, is an American computer and network security company, and is a division of EMC Corporation. RSA is an independent company named after its co-founders Ron Rivest, Adi Shamir, and Len Adleman. The company’s headquarters is located in Bedford, Masachusetts, United States of America. Encryption and network SecurID Authentication tokens are its major products. In mid March 2011, spear phishing attack exploited an Adobe Flash vulnerability that was not patched at the time, and is considered as one of the worst attacks in 21st century. The RSA immediately reported that information stolen is related to SecurID two factor authentication products. The company has faced criticism of its approach and maintained secrecy by keeping attackers in the dark as much as possible. Later, in a conference call with analysts, RSA revealed that small groups of RSA employees were targeted through e-mail phishing displaying the title “Job Recruitment 2011” that landed in email-junk folder. The document is an excel sheet, resulting hackers to gain control of machines and access servers in RSA’s network. The excel sheet contained a zero-day installed through Adobe Flash vulnerability. Some hints were left when the thefts of RSA’s database mapping token serial numbers to the secret token seeds that were injected to make each one unique.

2. IMPACT :
The impact of this cyber attack is,
Get Access