Home IT Alerts

RSA Investigating Cyber Attack

The University of Michigan utilizes RSA tokens in our 2-factor authentication (i.e., MToken) for access to sensitive systems. Recently, RSA publicly announced that they were the victim of an extremely sophisticated cyber attack. It appears that some information was stolen from RSA that is related to the RSA 2-factor authentication products used by our MToken. Details of the exact nature of the stolen information have not been announced by RSA, so it's hard to understand the exact nature of the risk this incident poses to us. We believe they way we use 2-factor authentication means the risk is relatively minor.

Our MToken system requires the university's kerberos/level 1 password plus the number currently displayed on your MToken. If your password is compromised, an intruder is unable to provide the number on the MToken. If your MToken is lost, an intruder does not know your password. In either situation, an intruder is unable to successfully log in to an MToken protected system.

At this time, we recommend that everyone confirm that they are using a strong kerberos/level 1 password

According to RSA: "This information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations."

We will continue to monitor any developments related to this incident and provide more updates if appropriate.

If you have questions, please contact the ITS Service Center at 734-764-4357 (4-HELP).