EMC's anti-hacking division hacked

Source: Psysorg

Hacker Masters - Learn Cutting Edge Techincal And Legal Hacking Skills - Apply Now! - www.UAT.edu/ia

The world's biggest maker of data storage computers on Thursday said that its security division has been hacked, and that the intruders compromised a widely used technology for preventing computer break-ins.

...................

The incident is a rare public acknowledgement by a security company that its internal anti-hacking technologies have been hacked. It is especially troubling because the technology sold by EMC's security division, RSA, plays an important role in making sure unauthorized people aren't allowed to log into heavily guarded networks.

The scope of the attack wasn't immediately known, but the potential fallout could be widespread. RSA's customers include the military, governments, various banks and medical facilities and health insurance outfits. EMC, which is based Hopkinton, Mass., itself is an RSA customer.

EMC said in a filing with the Securities and Exchange Commission that RSA was the victim of what is known as an "advanced persistent threat," industry jargon for a sophisticated computer attack. The term is often associated with corporate espionage, nation-state attacks, or high-level cybercriminal gangs.



Read more: http://www.physorg.com/news/2011-03-emc-anti-hacking-division-hacked.html

It's more of a partially successful attempted hack.

They're the Darth Vader of the Computer Storage Industry

...we pulled all of our source code machines offline yesterday.

You never know and you NEVER want anyone to have your source code

Seems to be a unnecessary risk.

If it was LAN and not WAN, why did the company need to take the source code machines off line?

you guys think it might be Anonymous?

Probably not anonymous, as those guys don't have much dispute with SecureID. But there are lots of businesses, both legal & illegal, who would love to get EMC's algorithms.

Maybe N. Korea. Unless I'm mistaken, this is the SecureID folks. The little number generator you put on your keychain to enter in addition to your user name and password.

If they have been compromised to where that number can be predicted for a specific user, this is a huge fucking deal, keys to the kingdom huge.

-Hoot

Different common usage.

"Off Line" implies off WAN or internet access.
"Offline" implies disconnecting the server from all network access, or turning it off completely.


It would be highly unusual for any source control system to be exposed directly to the internet. Remote developers would usually tunnel in or use an RDP gateway or something like that.

I don't want to be mean, but it's ironic that you make a distinction between "off line" and "offline" when I, and scores of other computer engineers use them interchangeably.

Why ironic? Because then you use lower-case "internet" to refer to the Internet. :shrug:

I've noted a clear distinction between the intent in the usage on those two terms, at least among my customers.

I guess we need the person you responded to, to clarify for certain. I'm willing to bet he meant that he either severed those EMC servers from the local intranet, or he shut them cold-off completely.

Edit: I have never in my life seen an EMC device of any type plugged into a WAN connection, ever. Maybe they make some device my customer's don't normally use, and i'm just not familiar with it.

It seems to me that 'internet' has become a non-proper noun, like 'building' or 'plumbing' at this point, but I could be wrong.

who can actually do something about them. No sign-waving, boycotts, petitions. Some actual retribution

kick...this is an important story.

to gain business that EMC loses because of the breach?