ISSUED BY: GCIS Communications Command Center
SOURCE: NextGov
24 March 2011, 7:00 am EST
GCIS INTELLIGENCE UPDATE: A product many federal employees use to log on to computers and networks should be regarded as compromised, due to the infiltration of key information about the application during a cyberattack against manufacturer RSA, some security experts said.
The Homeland Security Department — the civilian agency that oversees commercial and government cybersecurity — has relayed mitigation procedures to federal agencies that have installed RSA's SecurID tools, the department announced on Friday. A DHS official on Monday said the government is not recommending that agencies replace their SecurID products. The department is helping RSA and clients who control critical infrastructure deal with the threat to the devices, which are a single point of failure in the computer security ecosystem, according to some industry observers.
Agencies "should consider [the ID tools] breached," said Tom Kellermann, a former World Bank computer specialist and now an executive at Core Security Technologies, a firm that lawfully penetrates its clients' systems to identify network weaknesses.
SecurID, which verifies the identities of authorized users, consists of a token — a portable physical object such as a smart card or USB drive that controls access to a system. The device displays a continuously changing code that the user enters, in conjunction with a personal identification number, or PIN, to log into a network through a process known as two-factor authentication.