GCIS INTELLIGENCE BRIEFING: RSA security breach compromised federal network ID tool

ISSUED BY: GCIS Communications Command Center

SOURCE: NextGov

24March2011 7:00amEST

GCIS INTELLIGENCE UPDATE:  A product many federal employees use to log on to computers and networks should be regarded as compromised, due to the infiltration of key information about the application during a cyberattack against manufacturer RSA, some security experts said.

The Homeland Security Department — the civilian agency that oversees commercial and government cybersecurity — has relayed mitigation procedures to federal agencies that have installed RSA's SecurID tools, the department announced on Friday. A DHS official on Monday said the government is not recommending that agencies replace their SecurID products. The department is helping RSA and clients who control critical infrastructure deal with the threat to the devices, which are a single point of failure in the computer security ecosystem, according to some industry observers.

Agencies "should consider [the ID tools] breached," said Tom Kellermann, a former World Bank computer specialist and now an executive at Core Security Technologies, a firm that lawfully penetrates its clients' systems to identify network weaknesses.

SecurID, which verifies the identities of authorized users, consists of a token — a portable physical object such as a smart card or USB drive that controls access to a system. The device displays a continuously changing code that the user enters, in conjunction with a personal identification number, or PIN, to log into a network through a process known as two-factor authentication. (read full report)

"GCIS INTELLIGENCE UPDATE" is an intelligence briefing presented by Griffith Colson Intelligence Service, and provided to the public for informative purposes only. All subject matter is credited to it's source of origin, and is not intended to represent original content authored by GCIS, it's partners or affiliates. All opinions presented are those of the author, and not necessarily those of GCIS or it's partners.

GCIS INTELLIGENCE BRIEFING: Mexico's minors first to use iris scan IDs

Process for adults to begin in 2013

ISSUED BY: GCIS Communications Command Center

SOURCE: BRIETBART

25January2011 9:15amEST

GCIS INTELLIGENCE UPDATE:  Mexico will on Monday become the first country to start using iris scans for identity cards, according to the government, which claims the scheme will be highly secure.

"The legal, technical and financial conditions are ready to start the process of issuing this identity document," Felipe Zamora, responsible for legal affairs at the Mexican Interior Ministry, told journalists Thursday.

The documents, which will include the eye's image as well as fingerprints, a photo and signature, will be 99 percent reliable, Zamora said.  (read full report)