Cybersecurity breach may leave DOD networks exposed

March 31, 2011
Cyber Security, FedCyber Wire
No Comment

via Stars and Stripes

Some Pentagon computer networks might have been laid open to intruders as a result of a recent electronic break-in at one of the nation’s most prominent cybersecurity firms.

Earlier this month, RSA announced that an unknown attacker had launched an “extremely sophisticated” intrusion that snared information about its widely distributed SecurID token. It’s a device that generates random numbers designed to confirm identities of users logging into secured networks — so-called “two-factor authentication,” similar to a military Common Access Card.

Many government agencies, including the Department of Defense, rely on SecurID or other RSA security services. So do businesses around the world, including some defense-industry firms.

The Defense Department won’t say may what be at risk, but said investigators are working with the Department of Homeland Security and FBI to investigate, according to a Pentagon spokeswoman.

“While the Department does not rely heavily on [RSA’s] product solutions, we are determining the impact within the Department,” Pentagon spokeswoman Lt. Col. April Cunningham said in a prepared statement.

The government’s former top cybersecurity official said such attacks can have a broad-ranging effects.

More here.