[cryptography] OT: Found: the missing link in RSA SecurID hack Read more: Found: the missing link in RSA SecurID hack

Kevin W. Wall kevin.w.wall at gmail.com
Sat Aug 27 13:20:42 EDT 2011


On Fri, Aug 26, 2011 at 11:36 PM, Jeffrey Walton <noloader at gmail.com> wrote:
> It kind of takes the wind out of the sails of the "Advanced Persistent
> Threat" defense....
>
> http://www.pcpro.co.uk/news/security/369556/found-the-missing-link-in-rsa-securid-hack:

Pretty much what I've been saying all along, every since the story of the
RSA SecurID breach broke back in mid-March.

To me, the only really surprising thing is, that according to the article,
this spear phishing *only* targeted a single individual, or at most four.
(Only one person targeted on To: line and 3 others CC'd.) If that
is true, then I'd say that the attackers must have really done their
homework and had a high degree of certainty that one of those recipients
would follow their instructions and open the infected Excel spreadsheet.
They must have also known that AV software RSA was using would not
identify it as malware. But I definitely I see no evidence of any "APT" here.
In my personal opinion, the whole APT thing was just a BS cover story that
Art Coviello fed the media. I stand by the conclusions of my original SC-L post
on this, archived at:

    http://krvw.com/pipermail/sc-l/2011/002605.html

-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein



More information about the cryptography mailing list