That afternoon, Coviello revealed an open letter to RSA’s prospects on the corporate’s web site. “Not too long ago, our safety methods recognized a particularly refined cyberattack in progress,” the letter learn. “Whereas presently we’re assured that the data extracted doesn’t allow a profitable direct assault on any of our RSA SecurID prospects, this info may doubtlessly be used to scale back the effectiveness of a present two-factor authentication implementation as a part of a broader assault,” the letter continued—considerably downplaying the disaster.
In Bedford, Castignola was given a convention room and the authority to ask for as many volunteers from the corporate as he wanted. A rotating group of practically 90 staffers started the weeks-long, day-and-night technique of arranging one-on-one cellphone calls with each buyer. They labored from a script, strolling prospects by protecting measures like including or lengthening a PIN quantity as a part of their SecurID logins, to make them tougher for hackers to duplicate. Castignola remembers strolling down the halls of the constructing at 10 pm and listening to calls on speaker telephones behind each closed door. In lots of circumstances prospects have been shouting. Castignola, Curry, and Coviello every did tons of of these calls; Curry started to joke that his title was “chief apology officer.”
On the identical time, paranoia was starting to take maintain within the firm. The primary night time after the announcement, Castignola remembers strolling by a wiring closet and seeing an absurd variety of individuals strolling out of it, way over he imagined may have ever match. “Who’re these individuals?” he requested one other close by government. “That’s the federal government,” the chief responded vaguely.
In actual fact, by the point Castignola had landed in Massachusetts, each the NSA and the FBI had been referred to as to assist the corporate’s investigation, as had protection contractor Northrop Grumman and incident response agency Mandiant. (By likelihood, staff of Mandiant had already been on-site previous to the breach, putting in safety sensor gear on RSA’s community.)
RSA employees started to take drastic measures. Nervous that their cellphone system could be compromised, the corporate switched carriers, shifting from AT&T to Verizon telephones. Executives, not trusting even the brand new telephones, held conferences in individual and shared paper copies of paperwork. The FBI, fearing an confederate in RSA’s ranks due to the obvious stage of information the intruders appeared to have of firm methods, began doing background checks. “I made positive that each one members of the group—I do not care who they have been, what status that they had—have been investigated, as a result of it’s a must to make sure,” Duane says.
The home windows of some executives’ places of work and convention rooms have been coated in layers of butcher paper, to forestall laser microphone surveillance—a long-distance eavesdropping method that picks up conversations from vibrations in window panes—by imagined spies within the surrounding woods. The constructing was swept for bugs. A number of executives insisted that they did discover hidden listening gadgets—although some have been so previous that their batteries have been useless. It was by no means clear if these bugs had any relation to the breach.
In the meantime, RSA’s safety group and the investigators introduced in to assist have been “tearing the home all the way down to the studs,” as Curry put it. In each a part of the community that the hackers touched, he says, they scrubbed the contents of doubtless compromised machines—and even ones adjoining to them. “We bodily went round and, if there was a field they have been on, it received wiped,” Curry says. “In case you misplaced information, too dangerous.”