In an open letter to RSA Customers, Arthur W. Coviello, Jr, executive chairman of RSA discussed the recent attack classified as an APT (Advanced Persistent Threat). Their investigation revealed the attack resulted in certain information being extracted from their system.
Some of that information is specifically related to RSA's SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.
CNET’s Elinor Mills has two great articles discussing the ramifications.
What the RSA breach means for you (FAQ)
Article originally appeared on Bobs Tech Talk News and Reviews (http://www.bobstechtalk.com/).
See website for complete article licensing information.