DHS, Agencies Take Precautions In Wake of RSA Breach

The Homeland Security Department is coordinating with agencies to ensure federal networks are not compromised by a cyber attack that hit computer security contractor RSA on Thursday, DHS officials said Friday.

On Thursday, RSA reported an intrusion in which information related to an RSA product, SecurID, was stolen. RSA's customers use SecurID to verify the identities of authorized users. The so-called two-factor authentication tool requires a password, or some other piece of information, as well as an object, such as a smart card, to confirm identification.

"U.S. government agencies and departments have been informed of this vulnerability and provided with mitigation measures, in coordination with RSA," DHS spokeswoman Amy Kudwa said. "DHS is also in the process of distributing similar information to our critical infrastructure partners," or systems that could cause economic or safety disasters if disrupted.

A notice on the RSA website said the firm believes the hack took the form of an advanced persistent threat, which goes undetected while inflicting damage.

"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack," wrote RSA Executive Chairman Art Coviello in the message.

The company is instructing customers on steps they should take to strengthen SecurID installations, according to the site.

The firm has no evidence that other products were targeted by the infiltration, or that personal information was breached, Coviello stated. The company intends to share observations about the incident with other security vendors to better protect everyone from increasingly sophisticated threats, he added.

The number of attacks against federal computers jumped 40 percent in 2010, according to a new White House report on agencies' conformance to the 2002 Federal Information Security Management Act.

Kudwa said DHS is tapping technical experts and investigators from other relevant agencies to help RSA respond to the incident.

"With our partners in industry, the U.S. government is working toward one goal: securing the networks and systems that are critical to the everyday functions of our society and economy," she said.