Not a day goes by without some announcement of a major data breach. Hackers and fraudsters are busy at work and they are clearly having a field day with their targets. Of course, the motivations for the data breaches range from bragging rights to financially motivated to the more sinister. RSA made the headlines in February when they announced that they were hacked into and compromised. It seems now that users of RSA SecurID are the next string of victims. And money does not seem to be the motivation here at all.
According to a Reuters exclusive, US military contractors are now caught in the headlights of hackers. The hackers are targeting military giants like Boeing, General Dynamics, Raytheon and Lockheed Martin. It seems that we will see more stories like this of users of RSA SecurID.
The only defense (sorry, could not resist the pun) companies have is to switch to alternatives that provide stronger security than that provided by RSA now. They should start to evaluate the move beyond one-time passwords and enter the realm of challenge-reponse-based authentication, verification, and validation.