March hack the result of RSA security lapse, says researcher


A security attack earlier this year that breached the internal network of EMC's RSA Security division occurred because the company failed to take a basic security precaution. So says Rodrigo Branco, the director of vulnerability and malware research labs for Qualys, in a new report published on Computerworld. Branco arrived at his conclusion after analyzing known information on how the attack took place. 

In a nutshell, a zero-day vulnerability in Adobe Flash Player was used to infect the target workstation with a customized version of Poison Ivy, a RAT (Remote Administration Tool) in security parlance. Branco observed that DEP (Data Execution Prevention) would have prevented such an exploit from working, which led him to conclude that the affected workstation was not running a DEP-protected Windows Vista or Windows 7 operating system.

And given that DEP was added in Windows XP with Service Pack 2, it would appear that RSA could have prevented the security breach by enabling DEP, which is not switched on by default in Windows XP. Ultimately, RSA paid the price, to the tune of $66 million spent replacing SecurID tokens, as well as an incalculable amount of damage to its credibility as a security vendor. Solutions? Branco suggests enabling DEP manually for Windows XP machines, or better yet, upgrading to a newer operating system.

For more:
- check out this article at Computerworld
