That evening, Coviello wrote an open letter to RSA customers on the company’s website. The letter said: “Recently, our security forces have become aware of the high level of technology that is taking place.” “At the moment we are confident that the findings do not support a direct attack on any of our RSA SecurID clients, this information could be used to reduce the ability to establish two-factor authentication as part of an attack,” the letter continued.
In Bedford, Castignola was given a tax room and the authority to apply for volunteers to the company as they wished. A flexible team of about 90 co-workers started a couple of weeks, day and night a way to connect one-on-one phones with each customer. They worked on mail, moving customers through security interactions such as adding or lengthening a PIN number as part of their SecurID login, making it difficult for hackers to retry. Castignola remembers walking into the hall of the house at 10 o’clock in the evening and hearing phones talking behind each closed door. Usually, customers shouted. Castignola, Curry, and Coviello each sang for hundreds of people; Curry began to laugh that his name was “great apology.”
Immediately, paranoia began to operate on the company. On the first night of the announcement, Castignola remembers walking near a wiring cabinet and seeing mysterious people walking, much more than they thought they would have. “Who are those people?” He asked a nearby chief. “It’s the government,” the boss replied casually.
Instead, by the time Castignola arrived in Massachusetts, the NSA and the FBI had been called in to help the company, as did defense firm Northrop Grumman and law firm Mandiant. (Fortunately, Mandiant staff were already on the scene before the crash, and installed electronic security equipment on the RSA network.)
Employees at RSA began to take strong action. Fearing that their phones might be damaged, the company has changed shipping, from AT&T to Verizon phones. The authorities, not even dependent on the new phones, held face-to-face meetings and shared documents. The FBI, fearing its involvement in the RSA because of the amount of information that the intruders appear to have in the industry, has begun to look back. “I made sure that all the members of the group – I don’t care who they were, what their reputation was – were investigated, because you have to be sure,” Duane said.
The windows of some of the officers’ offices and conference rooms were lined with leather jackets, to prevent the control of the laser microphone – a remote chasing system that takes conversations from a window in the windows – by spies who think they are in the surrounding woods. The house was swept away by bedbugs. Several supervisors insisted they had found hidden hearing aids – though some were so old that their batteries were dead. It was never known if the bugs had any connection with the breach.
Meanwhile, a security team at RSA and investigators have arrived to help “support the building and the studs,” according to Curry. He says that, wherever the intruders were affected, they analyzed the contents of the machines that could be compromised, even those around them. “We walked around and, if there was a box he was in, it was polished,” says Curry. “If you lose data, it’s a pity.”