Back in March, the security firm RSA announced that its servers had been hacked. The irony of a security firm being hacked wasn’t lost on many. The issue the hack raised was that RSA issues the security tokens that are used to protect networks all around the country including some networks that have classified information on them relating to the military. The data stolen eventually helped facilitate and attack on military contractor Lockheed Martin.
At the time the hack was made public RSA admitted that data had been extracted from their servers and that extracted data might be used to reduce the effectiveness of the SecurID tokens RSA produces. RSA has now announced that it believes that with the sophistication of the attacks that only a nation state could have been responsible for the hacks. Eyes have been on China for a long time as a possible source for the hacking attacks, but RSA hasn’t pointed the finger at China yet.
RSA believes that two groups were involved in the attack calling one “very visible” and the other “not so visible” and the two groups supported each other. RSA executive chairman Art Coviello said at the RSA Security conference that he is confident with the resources on the investigation the nation state responsible will be uncovered.
There were two individual groups from one nation state, one supporting the other. One was very visible and one less so. We’ve not attributed it to a particular nation state although we’re very confident that with the skill, sophistication and resources involved it could only have been a nation state.