In 2011, RSA was hacked: the worst breach of a security firm to that date. The hack, carried out by Chinese spies, pulled the rug out from under the world’s model of security. For 10 years, RSA execs have been bound to silence by NDAs—which just expired 1/ wired.trib.al/ffxPoam
The intruders were able to steal the “seeds” underpinning RSA’s SecurID tokens: fobs that let you prove your identity by entering the six-digit codes that update on their screens. The hack erased a critical safeguard protecting 40 million accounts worldwide 2/
RSA’s customers included government agencies, defense contractors, and corporations across the globe.
The new accounts capture the experience of being targeted by sophisticated state hackers who meticulously take on high-value networked targets on a geopolitical scale 3/
And reveal the RSA staffers’ feverish race against the hackers. Large-scale attacks are often discovered months after the fact, but this one was different. Investigators caught up to the intruders and began chasing them in real time 4/
Their stories also show paranoia that took hold of RSA. The company switched mobile carriers; employees were told to talk in person whenever possible; the FBI conducted background checks; some windows were even covered in butcher paper to prevent laser microphone surveillance 5/
After 10 years of rampant state-sponsored hacking and supply chain hijacks, the RSA attack can now be seen as the herald of an era of digital insecurity.
Read its untold story here: 6/ wired.trib.al/ffxPoam
To hear more about the RSA hack, listen to @a_greenberg and several of the subjects interviewed in his story on Cybereason’s @MaliciousLife podcast: 7/ cybereason.com/blog/the-untol…
Want to support journalism like this? Subscribe to WIRED and get unlimited access to the biggest stories in tech 8/ wired.trib.al/f3r0g6N
Share this Scrolly Tale with your friends.
A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.