Earlier this year the network at RSA Security was breached and information related to SecurID authentication tokens was compromised. Since then, security experts have been waiting to see what the fallout would be, and now we know.
Lockheed-Martin revealed that its networks were targeted by attackers. The defense contractor has not specifically stated that the compromised RSA SecurID tokens were a factor, but clues support that conclusion. Thankfully, Lockheed-Martin was able to very quickly detect and identify the attack, and take swift action to protect data so that no sensitive information was compromised.
The situation basically amounts to knowing that a thief stole the keys to your house, but then not bothering to change the locks and hoping nothing will happen. In this analogy, Lockheed-Martin apparently had some well-trained attack dogs on the other side of the door to prevent intrusion. But, many companies of all sizes rely on RSA SecurID tokens, and not all of them have the security skills or resources of Lockheed-Martin.
Don’t just sit with your fingers crossed hoping the bad guys won’t show up. Change the locks. Make sure that the compromised RSA SecurID tokens can not be used to gain access to your network, and make sure you have tools in place to detect suspicious activity and prevent sensitive information from leaving the network.