Top 5 Stories


Top national security official pins RSA breach on China

29 March 2012

The US government has evidence that Chinese hackers were responsible for the breach of RSA last year that compromised the company’s “underlying software” and required the replacement of hundreds of SecurID tokens, a top national security official told Congress this week.

Gen. Keith Alexander, the head of the US Cyber Command and the National Security Agency, told the Senate Armed Services Committee that Chinese hackers were behind well publicized attacks last year, including the compromise of RSA.

Chinese hackers stole RSA’s “underlying software” during the attack; if China “can do it against RSA that means almost all companies are vulnerable", Alexander was quoted as saying by AOL Defense.

In written testimony, Alexander stressed that the breach of RSA had significant implications for the Department of Defense and the US defense industry.

“A large number of enterprises, including some in the Department of Defense, rely on two-factor authentication using RSA tokens. Indeed, the systems of some non-DoD users were breached not long after the compromise by intruders exploiting the stolen certificates. Cyber Command had immediately recognized the danger to DoD information systems, warned those DoD networks at risk, and took swift mitigation efforts”, the general told the committee.

At the RSA 2012 conference held last month, RSA Chairman Arthur Coveillo Jr. admitted that his company had dropped the ball in not preventing the breach. He said that he felt the breach “personally” and that the company has struggled to regain its reputation in the security community.

This article is featured in:
Data Loss  •  Internet and Network Security  •  IT Forensics  •  Public Sector


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×