RSA Faces Security Breach

March 18, 2011 - PRLog -- Cybercriminals have expanded their scope of operations. In the recent past, stock exchanges, security firms and energy companies have been the target of cyber-attacks. The purpose of the attacks may be to express protest, steal confidential information or disrupt operations. The attacks may be part of cyber espionage, attacks by supporters of activists or attacks by forces loyal to rival countries. Recently, RSA suffered sophisticated cyber-attacks on the IT infrastructure. Information security professionals of the organization have classified the attack as an advanced persistent threat. RSA has notified the customers regarding the security breach through an open letter on the company’s website. The attackers were able to breach the security of computer systems and gain access to information associated with the SecurID two-factor authentication products. The company has said that the leaked information could be misused to disrupt ongoing two-factor authentication implementation.

RSA is one of the major companies in the domain of two-factor authentication. In addition, the company is well-known for the annual security conferences. The company has notified to the concerned authorities and security professionals of the company are investigating the security breach. They have also initiated steps to streamline the IT infrastructure to prevent any further intrusions. Advanced persistent threats involve consistent attacks on the IT infrastructure. Attackers manage to infiltrate the computers through e-mail or web-based attacks and scan the network to extract confidential information. RSA is offering assistance to the customers in dealing with challenges in SecureID two-factor authentication implementation.

The company has urged the customers to improve IT security by monitoring the use of social media sites, enforcing use of strong passwords, implement restricted access policy and monitor changes in user privilege levels. Cyber security awareness among employees is crucial to prevent such attacks. Organizations may improve the awareness among employees through online IT courses and e-learning programs.

Organizations must give adequate emphasis to training of employees. Security professionals are required to constantly update their skill sets through webinars,online IT degree  programs and seminars to deal with the sophisticated cyber-attacks. Regular in-depth evaluation of the security infrastructure through penetration testing, security audits is crucial to identify weaknesses and initiate mitigating measures. Companies should also focus on improving the monitoring mechanisms to identify any unauthorized activity.

The multifarious and sophisticated challenges in the cyberspace has led to increased demand for professionals qualified in IT degree programs, penetration testing, system administration, computer forensics, incident management, security audit and network administration. Organizations must have proper IT security policy in place and must enforce the same to strengthen the defenses against cyber threats.

Contact Press

EC-Council
Website:  http://www.eccouncil.org
Email:  iclass@eccouncil.org
Tel:  505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

# # #

iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).