RSA details March cyberattack, blames “nation state” for SecurID breach

At EMC’s RSA Conference Europe in
London today, RSA executives shared more details on the cyber
attack
that stole information on the company’s SecurID authentication
tokens
in March. RSA executive chairman Noviello said at a press
conference
that two separate hacker groups worked in collaboration with a
foreign government, ZDNet
UK
reports. He would not disclose the parties involved, but
said
“we can only conclude it was a nation-state sponsored attack.”
According to RSA executives, no
customers’ networks were breached as a result of the SecurID data
stolen. RSA president Tom Heiser said during a presentation at the
conference it was clear that the attack was intended to go after military contractors’ data.
The coordinated effort, which used a
series of spear phishing attacks against RSA employees to
penetrate
the company’s network, posing as people they trusted. The phishing
attack installed a “zero-day” exploit to establish a foothold. IDG
reported that the exploit used
a malicio