Inside Details of the 2011 RSA Hack

Riveting report by Andy Greenberg for Wired:

In the decade that followed, many key RSA executives involved in the company’s breach have held their silence, bound by 10-year nondisclosure agreements. Now those agreements have expired, allowing them to tell me their stories in new detail. Their accounts capture the experience of being targeted by sophisticated state hackers who patiently and persistently take on their most high-value networked targets on a global scale, where an adversary sometimes understands the interdependencies of its victims’ systems better than victims do themselves, and is willing to exploit those hidden relationships.

The perpetrators: Chinese hackers. The attack vector that got them in the door: well, given that it was 2011, you will not be surprised.

(The opening anecdote has a somewhat Mission Impossible-y feel to it that doesn’t ring true to my ears — that the hackers moved the archive with the pilfered encryption seeds mere seconds before an RSA analyst attempted to remotely delete them. For one thing, it implies there was any hint that the archive RSA found was the only copy of the data. So take that anecdote with a Tom Cruise-size grain of salt. It’s a good inside look nonetheless.)

Sunday, 30 May 2021