The attack to RSA and the Flash Platform role


As you could remember RSA, the Security Division of EMC Corporation suffered a security attack last month. It’s completely ironic because one of the RSA jobs is to prevent these kind of information security attacks.

If you want to know the details there is a lot of information on Internet

  • http://searchsecurity.techtarget.com/news/1528805/RSA-breached-in-APT-attack-SecureID-info-stolen
  • http://www.rsa.com/node.aspx?id=3872
  • You can just Google it and you’ll find hundreds of articles and posts related to this incident.

    In this post I will focused on the role of the Flash Platform in this incident.

    First of all, yes, the security attack was possible because of a security problem in the Flash Platform.
    During the days of the security attack to RSA, Adobe was being questioned about some security breaches with the player. Specifically with a flash movie inserted into a Word document or an Excel document. This second type of vulnerability made possible the information gathering by the attackers. In the words of RSA:

    The attacker sent two different phishing e-mail messages over a two-day period with a subject line of “2011 Recruitment Plan” to two small groups of employees who weren’t consider particularly high profile or high-value targets.

    The e-mail was crafted well enough to trick one of the employees to retrieve it from their Junk mail folder and open the attached excel file. It was a spreadsheet named “2011 Recruitment plan.xls”.

    The spreadsheet contained a zero-day exploit that installs a backdoor through an Adobe Flash Vulnerability.

    The vulnerability they were talking about is this: CVE-2011-0609 and today it is already fixed but imagine the damage a third party product can cause to a Information Security firm.

    You can see the attack was planned carefully because the e-mail was only sent to the employees less protected. I’m sure if the e-mail had been sent to a security engineer it hadn’t had the same effect.

    In this kind of incidents we can prove one of the famous phrases in Information Security:

    A chain is only as strong as its weakest link

    People in administrative areas are often less secure than in other areas and the knowledge and culture in security is completely different. That’s why they tend to be one of the main target attacks in a company.

    3 thoughts on “The attack to RSA and the Flash Platform role”

    1. Hey there would you mind sharing which blog platform you’re working with? I’m going to start my own blog soon but I’m having a difficult time making a decision between BlogEngine/Wordpress/B2evolution and Drupal. The reason I ask is because your layout seems different then most blogs and I’m looking
      for something completely unique. P.S Apologies for
      getting off-topic but I had to ask!

    2. I’m pretty pleased to find this great site. I wanted to thank you for your time for this fantastic read!! I definitely appreciated every little bit of it and I have you saved to fav to check out new information on your web site.

    3. I’m truly enjoying the design and layout of your website. It’s a very
      easy on the eyes which makes it much more pleasant
      for me to come here and visit more often. Did you hire out a developer to create your
      theme? Outstanding work!

    Comments are closed.