Security Watch

Token Appreciation

In the wake of a security compromise, RSA Security announced it will replace 40 million SecurID tokens at 30,000 companies and government agencies that use them to log in to computers securely for things like online banking sessions, or to access other critical company information, The Washington Post reported Tuesday.

In March, hackers gained access to core information that the SecurIDs use to generate codes that enable a login.

Last month, the defense company Lockheed Martin Corp. of Bethesda, Md., disclosed that employees who used SecurID tokens to log in to the company's internal network while they were beyond the firewall had been targeted by hackers.

"Against this backdrop of increasingly frequent attacks, on Thursday, June 2, 2011, we were able to confirm that information taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin, a major U.S. government defense contractor. Lockheed Martin has stated that this attack was thwarted. … As a result, we are expanding our security remediation program to reinforce customers' trust in RSA SecurID tokens and in their overall security posture," RSA executive chairman Art Coviello wrote in an open letter posted on RSA's website Monday. RSA is a unit of EMC Corp. of Hopkinton, Mass.

Separately, CNet reported Monday that hackers in China appear to have launched the attacks against Lockheed Martin and two other military suppliers, L-3 Communications and Northrop Grumman. The tokens reportedly were used in the attacks on L-3 and Northrop Grumman.

CNet reported that Lockheed alone plans to replace 45,000 SecurID tokens.

Skimming Scheme

Three Romanians and an Austrian were charged with stealing $1.5 million from Citigroup Inc. and JPMorgan Chase & Co. automated teller machines in Chicago, Miami and New York between March and May 2010, Dow Jones and other sources reported Monday.

The Justice Department named Mihail Draghici, Ionel Dedulescu, Didi Theodor Ciulei and Laurentiu Mugurel Manta in its indictment, charging them with conspiracy to commit bank fraud, conspiracy to commit access device fraud and aggravated identity theft, Dow Jones reported.

The four allegedly used skimming devices to record customers' identifying information from the magnetic stripe of ATM cards. They are also accused of stealing PIN codes that enabled them to use duplicate cards.

Draghici and Dedulescu were arrested in December as they tried to board an international flight in Miami. They face an additional charge of bank fraud. Ciulei and Manta were arrested in Chicago in May.

If convicted, the four could face more than 60 years in prison.

Information Bank

A former Bank of America Corp. employee is reportedly responsible for the theft of $10 million from the bank accounts of 300 of the Charlotte, N.C., company's customers, according to the website Mybanktracker.com in a May 30 story.

The former employee is accused of providing criminals with everything necessary to set up fraudulent accounts or to rob existing ones, including names, addresses, Social Security numbers, bank account numbers, birth dates, email addresses, names of family members, PINs and account balances.

Fraudsters reportedly used the information to order checks, change contact information and reroute mail. The checks were used to make fraudulent purchases.

The Secret Service reportedly made 95 arrests in February in Los Angeles in connection with the case. Bank of America has reportedly offered two years of free credit monitoring to the victims.

Email Threat

Yahoo Inc.'s Yahoo mail and Microsoft Corp.'s Hotmail have both been the victims of targeted attacks similar to the ones against Google Inc.'s Gmail users last week, according to a June 3 story on CNet.

Users of the free email services have been targeted by malware through phishing attacks. In Hotmail's case, the malware exploited vulnerabilities in the service that simply required users to view the email, without clicking on any links. In Yahoo's case, security researchers discovered that hackers have attempted to steal cookies that would then enable them to log in to users' accounts.

Microsoft has reportedly issued a fix for Hotmail.

On June 1, Google discovered and halted a major phishing attack against high-level users of its email service, including journalists, activists and political officials. In Google's case, the attacks appear to have come from Jinan, China, and Google implied that the Chinese government was behind the attacks, according to a June 1 story in The Wall Street Journal.

Jinan is home to the People's Liberation Army's technical reconnaissance bureau, which is the equivalent of the National Security Agency in the U.S.

Google has also blamed China for a 2010 attack against its servers.

Many online banking customers rely on the three free email services. Consumers frequently reuse passwords for email and bank account access.

Spotlight on Sony

The hacker group Lulz Security, which reportedly claimed responsibility for website break-ins last month at Sony Corp. and Public Broadcasting Service, is continuing to torment Sony by releasing personal data stored on the servers of its subsidiary Sony Pictures Entertainment Inc. of Culver City, Calif., The Los Angeles Times reported June 3.

The hacking group posted data, including names, addresses, passwords and phone numbers on a document-sharing website called Pastebin.

Although it was not clear how much information had been stolen, the Associated Press reported June 3 that the hacking group had boasted about stealing the information of 1 million consumers.

Last month, a hacking incident led Sony to shut down its PlayStation Network and related Qriocity sites, reportedly stealing the personal data of millions of consumers.

Lulz Security reportedly claimed it easily circumvented Sony's security walls using "rogue commands" to extract sensitive data.