Breach puts pressure on security group RSA

Rivals are intensifying efforts to lure away RSA’s customers, after the security company admitted that its compromised authentication tokens had been used in a hacking attack on Lockheed Martin, the defence contractor.

RSA, the security arm of US-based IT company EMC, has offered to replace its customers’ tokens – which are used by employees to access company IT systems remotely. But this exercise could prove very costly given that RSA has deployed about 40m tokens to more than 30,000 organisations worldwide.

It is the first time RSA has admitted the link between the attack on Lockheed Martin and a security breach at RSA in March, when information related to the tokens was stolen.

In an open letter to customers, Art Coviello, executive chairman, said that he believed the hacking attack had been focused on obtaining military secrets.

“Certain characteristics of the attack . . . indicated that the perpetrator’s most likely motive was to obtain an element of security information that could be used to target defense secrets and related [intellectual property], rather than financial gain, [personally identifiable information], or public embarrassment.”

RSA has been replacing tokens at government agencies and defence groups at an accelerated rate, he added.

However, IT security experts said that many other RSA customers, which include banks, businesses such as Rolls-Royce and government departments such as the French Ministry of Education, were also re-evaluating their security arrangements.

Steve Watts, co-founder of SecurEnvoy, a UK-based rival to RSA, said he had seen an increase in business enquiries ever since RSA’s revelations in March.

“There has been an upsurge, but not all enquiries have turned into sales. Companies have been waiting to see what action RSA is going to take. They have been waiting for today,” Mr Watts said.

RSA’s rivals are planning to cash in by preparing special deals and marketing campaigns to attract customers who have been shaken by the news. RSA has more than 70 per cent of the market for what is known as “two-factor authentication”, whereby users type in a password as well as a randomly-generated number from the token.

“This incident has sparked companies to re-evaluate their reliance on hardware tokens,” said Simon Godfrey, director of security solutions at CA Technologies, which provides software-based authentication, rather than tokens.

IT security companies who resell RSA tokens, meanwhile, have been left wondering who will be responsible for the colossal task of getting the new tokens installed and who will foot the bill.

Copyright The Financial Times Limited 2017. All rights reserved.