Two top security firms have reportedly been targeted by as yet unidentified hackers seeking information regarding SecurID authentication products and key government contracts.
The first cyber attack targeted RSA Security and potentially led to a more recent assault on defense contractor L-3 Communications.
The security breach has since been confirmed by a blog post on the company's website. The attack was, by RSA's own admission, "extremely sophisticated" and saw the hackers target information regarding the company's SecurID authentication products.
The SecurID products are commonly used by numerous companies and government agencies as an extra layer of digital protection. The products work by requiring users to enter a secret code displayed on a keyfob or in a piece of computer software, as well as their own password, during login.
The number is cryptographically generated and changes every 30 seconds, making it close to impossible to guess or hack under any normal circumstances.
The hack reportedly sought to obtain certain pieces of code and data that would allow the replication of these codes, thus granting the organisation or individual the ability to bypass the SecurID stage of security.
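Why data that allows "replication of these codes" matters can be shown with a time-based code generator. The sketch below is an added example, not RSA's code: SecurID's algorithm is proprietary, so the open RFC 6238 TOTP construction stands in for it, and the seeds, user name and AuthServer class are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, the interval the article cites

def token_code(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the code depends only on seed and time."""
    counter = unix_time // STEP
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class AuthServer:
    """Hypothetical verifier holding one seed record per user."""
    def __init__(self):
        self.seeds = {}

    def enroll(self, user: str, seed: bytes) -> None:
        self.seeds[user] = seed  # re-enrolling replaces the old seed

    def verify(self, user: str, code: str, unix_time: int, drift: int = 1) -> bool:
        seed = self.seeds.get(user)
        if seed is None:
            return False
        # Accept the current step plus/minus `drift` steps of clock skew.
        return any(
            hmac.compare_digest(token_code(seed, unix_time + d * STEP), code)
            for d in range(-drift, drift + 1)
        )

def reseed_demo(now: int = 1111111109):
    """Return (accepted before reseed, accepted after reseed) for a copied seed."""
    server = AuthServer()
    issued_seed = b"constructed-seed-A-0001"  # constructed sample value
    server.enroll("alice", issued_seed)
    copied_seed = issued_seed  # a copy of the seed record held elsewhere
    before = server.verify("alice", token_code(copied_seed, now), now)
    server.enroll("alice", b"constructed-seed-B-0002")  # replacement token issued
    after = server.verify("alice", token_code(copied_seed, now), now)
    return before, after

if __name__ == "__main__":
    print(reseed_demo())
```

The token factor is only as secret as the seed record behind it, so issuing tokens with fresh seeds is what restores it; the user's password remains a separate factor throughout.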
It is as yet unconfirmed how much of the information the attackers were able to get during the raid.
Data released by RSA in 2009 estimated that around 40 million customers used the SecurID keyfob system and a further 250 million used its software package. This would mean that, if successful, the raid could leave a potential 290 million users' digital security compromised -- beating Sony's recent 100 million strong security leak.
In its subsequent blog post, RSA's Executive Chairman Art Coviello commented, "Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products.
"While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack."
The company has since described the attack as an advanced persistent threat (APT). Similar to the cyber attack against tech-giant Google last year, such attacks are distinct because rather than going after financial or identity data, they target source code data or pieces of intellectual property.
Additionally, APT attacks commonly utilise zero-day vulnerabilities to hack their targets, making them more difficult to detect. They also often try to embed themselves in parts of the company's network, making them difficult to counter or remove even if detected.
Since RSA's security breach, a second, similar APT attack was inflicted on the defence contractor L-3 Communications. The attack reportedly made use of data secured from the previous cyber assault on RSA.
The attack was first reported last Friday by Reuters and has, according to Wired.com, been confirmed by an anonymous source within the company.
The company has not yet released any details about the breach and it's not yet clear how Reuters discovered the use of RSA's compromised SecurID data.
But if the report is true and stolen SecurID data was used in the cyber attack, then the company's security breach presents a number of troubling scenarios.
L-3 is itself one of the largest federal-government contractors within the United States. It provides command-and-control, communications, intelligence, surveillance and reconnaissance technology to the Pentagon and a number of the U.S.A.'s intelligence agencies.
Putting aside the fact that the data could potentially allow the hackers to target and gain access to other similar companies or government departments, the attack on L-3 Communications could mean that the group already has sensitive and potentially dangerous data regarding certain government contracts and/or mission requirements.
Already, the fact that two security firms have been hacked in such a short space of time has added to the world's growing concerns about cyber security.
Outside of companies like Microsoft, who today issued a company statement regarding the future of cyber defence measures, several governments have already begun to take affirmative action.
The U.S. is in the final stages of instigating a reformed doctrine instructing the Pentagon to view all cyber attacks that cause real-world disruption or deaths in the same way it would any real-world armed attack.
In the U.K., Chancellor of the Exchequer George Osborne has persistently articulated his belief that cyber attacks are the most serious threat facing the country, leading to yesterday's revelation of a new "cyber weapons development programme".
The trouble is, since the identity of the hacker or hackers is yet to be revealed -- though once again several news sources are speculating that it stems from China -- it's difficult to know what exactly the motivation for the cyber attack is. This in turn makes it difficult for governments and companies to create contingency plans or foresee where the next cyber threat will come from. This problem has led to the ongoing debate about which path forward is the best one for future defence measures, with each company and government seeming to have a different answer.
Whatever the future decision in regard to digital security is, the security breach to both RSA and L-3 Communications does to a certain degree vindicate the growing fear both individuals and governments worldwide are gradually falling victim to. The recent PSN disaster and the subsequent slew of companies falling victim to cyber crimes are making users increasingly aware of, and nervous about, how vulnerable their personal data can be.
In short, while the news doesn't help answer the question of what path forward society should take in the ongoing cyber crime debate, it does demonstrate the need for one.
Update: The U.S. Government has reportedly been confirmed as developing a new generation of "cyber weapons" to combat the growing security threat.