EMC, the company behind the security devision RSA, announced last week that it was a victim of a cyber attack. The Advanced Persistent Threat (APT) attack was successful in extracting certain information from RSA's systems, including information about RSA's SecurID two-factor authentication products.
Does this breach put you at risk?
EMC assures SecureID customers that the information will not make direct attack possible, but that the information could "be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."
RSA encouraged customers to look for suspicious login activity and monitor changes in user privileges and access control. This is a good time to do a thorough review of user access.
Unlike normal breaches we cover, this breach is not about personally identifiable information, directly. This breach is about the steps you take to protect that information. Given that no single security approach is infallible, as we see here, it's important to take a multi-layered approach to your security planning.
Multi-Layered Security Planning
As the result of this breach, many news outlets are recommending that SecureID customers boost their defences and others are using this news as a means to put pressure on additional cybersecurity legislation. This is basic security advice we have always put forth.
A layered approach to computer security assesses all the potential risks to data loss and chooses products and procedures that will cover those risks – each layer adding additional protection. No single technology or service can mitigate all risk, so it’s a matter of weighing the costs and benefits of each “layer” to see what best fits your needs. You may also find that you need multiple solutions to cover each “layer”.
As far as two-factor authentication goes, you could think of adding a second type in light of the RSA breach. Though there's no evidence yet that this step is necessary, a back-up doesn't hurt.