UAE companies on high alert after hack
DUBAI // Corporations are continuing to monitor their computer systems and customer accounts following a sophisticated hack on an international security firm with offices in the emirate.
A secret code for a computer access key used by top multinationals and governments is believed to have been among the data stolen by hackers in an attack on RSA, an international security company under the parent company EMC, which also has offices in Dubai.
The SecurID tokens, which are around the size of a key-chain fob, generate a random number every minute which, when entered onto a computer, grants users access to websites or systems.
They are widely used by retail and business banking customers, including those for Emirates NBD and National Bank of Abu Dhabi.
National Bank of Abu Dhabi has been in regular communication with RSA and has received assurances on the safety of customers.
"NBAD does not believe that the RSA security breach can lead to a successful direct attack against its account holders that use RSA SecurID," said Suvo Sarkar, general manager of NBAD's Consumer and Elite Banking.
"Our bank has implemented the best security practices and hardening guidelines recommended by RSA and is also actively monitoring our systems and customer transactions closely. To date, NBAD has no evidence of any impact to nbadOnline."
The hack comes on the heels of a massive security breach at Sony.
Last week, executives at the Japanese conglomerate apologised for the April breach, which resulted in personal information losses in 77 million accounts - including addresses, usernames, passwords and credit card information - belonging to users of its PlayStation Network.
Corporations are paying attention now, said David Michaux, a computer forensics investigator for the Dubai-based firm Forward Discovery.
"A number of companies have sought expert advice on what kind of problems they may face," he said.
EMC announced on March 17 that its security division, RSA, had been subject to "an extremely sophisticated cyber attack". The attackers sent out e-mails to low-level employees with an excel file attached entitled "2011 Recruitment plan.xls".
After one employee opened the file, the attackers were granted access to the system. They were then able to jump to operators with increasing levels of privileges until finally they harvested information on the SecurID system.
Mr Michaux said that there was only a five per cent chance that the attack could have come from "script kiddies", a disparaging nickname given to teenage hackers.
"This attack was a gradual theft of data over a long period," he said. "It looks very similar to what you tend to see with a government-sponsored attack."
A spokesman for EMC said the SecurID system remains an effective defence against attackers.
"Whoever attacked RSA has certain information related to the RSA SecurID solution, but not enough to complete a successful attack without obtaining additional information that is only held by our customers," the spokesman said. "We have provided best practices so customers can strengthen the protection of the RSA SecurID information they hold."
The SecurID system is a "two-factor" solution as customers are provided with both a pin number as well as the randomly generated number from the token. "It's like having a password with two halves," said a Dubai-based expert on SecurID, who spoke on condition of anonymity. "Without one half you can't use the other half. The technology is as secure as it was before the hack."