Computer attacks and data breaches happen every day, but every now and then there is an epic attack that people remember long after the mess is cleaned up. The RSA breach of 2011 is one such example. An attacker was able to gain access to privileged user credentials in order to access a server and steal information specific to RSA’s SecurID two-factor authentication products.
RSA’s parent company EMC spent tens of millions of dollars dealing with the fallout from this breach and the theft of critical intellectual property. And RSA was left scrambling, working with customers to try to prevent exploitations made possible by the compromise.
What people may not remember about this breach is that it all started with an email sent to an HR employee at RSA. The message had an attachment—an Excel spreadsheet that supposedly contained the company’s recruitment plans for the year. In reality, the spreadsheet had been compromised with the recently discovered Adobe Flash zero-day flaw CVE-2011-0609. When the worker clicked on the file, it unleashed a malware trojan that proceeded to harvest login credentials within the RSA network. And, well, you know the rest of the story.