Insecurity experts working for some of the world’s top companies are admitting that they are powerless to stop hackers.
The annual RSA Conference heard a procession of top executives admit that there does not appear to be any way to stop the hackers.
According to Reuters the opening presentation by Art Coviello, executive chairman of conference sponsor and recent hacking victim RSA, set the tone with the Rolling Stones song “You Can’t Always Get What You Want.”
RSA is the largest provider of password-generating tokens used by government agencies, banks and others to authenticate employees or customers who log on away from the office. All it took was an employee opening an email with a poisoned attachment and RSA was compromised.
Hackers had access to the corporate network and they emerged with information about how RSA calculates the numbers displayed on SecurID tokens, which was in turn used in an attack on Lockheed Martin.
Coviello admitted that his company’s misfortune would help foster a sense of urgency in the face of formidable opponents, especially foreign governments which were now involved in hacking.
He said that some 70 percent of employees in one survey he cited admitted to subverting corporate rules in order to use social networks or smartphones or get access to other resources, making security that much harder.
Coviello said that networks will be penetrated because people will still make mistakes. He said that better monitoring and analysis of traffic inside company networks can manage risk to acceptable levels. But it seems impossible to make it go away.
James Bidzos, CEO of VeriSign, admitted his outfit had lost data to hackers in 2010 and Enrique Salem, CEO of Symantec, also admitted that source code from the 2006 version of its program for gaining remote access to desktop computers had been stolen and published.
Analysts said that there is some panic among security vendors as they seemed unable to stop hackers.