Westpac May Have To Replace Tens Of Thousands Of Security Tokens

X

Westpac may have to replace tens of thousands of RSA SecurID tokens, after a successful breach of their token security system and the exposure of a previously unknown security flaw.

The threat has been linked with Adobe Systems’ Flash player and remote-control technology associated with Chinese spying efforts, the company has disclosed.

According to Westpac sources, the company was told about the problem two weeks ago, but as of this weekend users of the tokens which are used by Westpac customers when transfering from one account to another have not been advised of the security problem.

RSA claim that they advised various Australian Federal Government departments and Westpac  to revisit their access policies. The Financial Times said that the lack of detail on the attack has frustrated RSA customers and fanned speculation, with some in the security industry saying that the damage was limited and others saying that the tens of millions of SecurID tokens in use should be replaced.

In a conference call with industry analysts on Friday  RSA which is owned by EMC,  shed no more light on what the hackers had obtained.

Company officials said that the hackers e-mailed groups of employees at RSA, which is a unit of storage concern EMC and that the e-mails included a Microsoft Excel spreadsheet as an attachment, labelled “2011 Recruitment Plan”.

When opened, the attachment exploited a hole then in most versions of Flash, now fixed by software updates from Adobe, that gave the attackers control of at least one user’s machine. The control technology was a version of what is called Poison Ivy, which was also used in GhostNet, described by analysts as a large Chinese spying operation.

The RSA hackers harvested the login credentials of more company users, connected to other RSA employee machines and then raised the level of access that the machines’ users were entitled to, eventually getting into computers with information about how SecurID works. The data were encrypted and transferred out of the company.

In one blog, RSA executive Uri Rivner said that the rash of major breaches at big western companies showed that the industry as a whole needed to share information and come up with better defences. He said security firms should “define and execute a new defence doctrine based on information sharing, deep analytics and advanced threat management”.

 

728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Leaderboard 728x90 1 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
728x90 Iconic Westpac May Have To Replace Tens Of Thousands Of Security Tokens
PAN0029 Digital Banners Curry Leaderboard 728x90 02 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Martin Logan 728 x 90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Middleton 728x90px Product Westpac May Have To Replace Tens Of Thousands Of Security Tokens
240215 SAV R Volution CNewsFeb Leaderboard 1 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Haier 728x90 1 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
QUEEN 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
SPRING FOOTY FINALS 2024 Banner 728x90px Westpac May Have To Replace Tens Of Thousands Of Security Tokens
728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
BEL2385 4SQ Dock Banners 4SQ 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Whatmough 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Litheaudio 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
Flick of a switch 728x90 1 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
hitachi banner 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
BlueAnt PumpAirANC WebBanner 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
05 Channel New Banner T30S COMBO 728x90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
4SquareMedia 728x90 scaled Westpac May Have To Replace Tens Of Thousands Of Security Tokens
728X90 Westpac May Have To Replace Tens Of Thousands Of Security Tokens
3sixT GS24 EDM 728 x 90 px 02 Westpac May Have To Replace Tens Of Thousands Of Security Tokens


YOU MAY ALSO LIKE