[AusNOG] RSA SecurID tokens hacked
Pinkerton, Eric
Eric.Pinkerton at team.telstra.com
Mon Mar 21 14:31:42 EST 2011
To my knowledge said software still works for all RSA tokens if you have the seed file and one output; Cain is one example.
So if the seed files (or the math behind creating the seed files) have been compromised, as many are speculating, or if like me you tend to assume the worst, then it effectively means that your respectable 2-factor authentication is essentially a paltry username and, in many cases, a 4-digit PIN.
Add to this the current publicity, which has the potential to assist social engineering... "What's that, you're calling from RSA? Yes, I have heard about that in the news! You want to know the serial number of my token? Sure!"
IMHO companies should already be educating users about social engineering attacks; if you're not doing this already, then yesterday is a really good time to start. I would also recommend asking users to change their PINs, and increasing the minimum PIN length to at least 8 until such time as RSA issue replacement tokens or offer a more satisfactory explanation.
http://twitpic.com/4bo5i2