The director of the US National Security Agency has named China as the country behind last year's high profile hack against RSA that resulted in the extraction of data related to SecurID tokens.

The information extracted in the March 2011 hack was later used in an unsuccessful attack against Lockheed Martin. Other US defence contractors, including L-3 Communications, were also rumoured to have been targeted but this remains unconfirmed.

RSA offered replacement tokens in the wake of the attack, which relied on a combination of spear phishing and malware that exploited a zero-day Adobe Flash exploit. Art Coviello, RSA's executive chairman, went as far as blaming the attack on two organisations for the same country last October without naming the prime suspects in the high-profile assault.

However National Security Agency director General Keith Alexander went further on Tuesday during testimony before Senate Armed Services Committee and named China as the prime suspect behind the RSA hack. He went on to say China is stealing a "great deal" of military-related intellectual property from the US, Information Week reports.

China has long been the prime suspect in the RSA hack but has never been named as such until this week. General Alexander's statement is another clear sign that US authorities are going beyond diplomatic channels in an attempt to shame China into cutting back on its widely reported cyber-espionage program.

China, for its part, routinely claims that it is more spied against than spying. Beijing can be expected to take a similar line over the latest accusations. ®

Related stories

• Make cyberwar a no-no equal to nukes, bio, and chemical attacks, says RSA headman (25 February 2014)

  https://www.theregister.com/2014/02/25/make_cyberwar_as_much_of_a_nono_as_nuclear_chemical_exchanges_says_rsa/

• Layoffs at EMC's RSA security division (20 September 2013)

  https://www.theregister.com/2013/09/20/rsa_restructuring/

• US chief spook: Look, we only want to spy on 6.66 billion of you (10 June 2013)

  https://www.theregister.com/2013/06/10/chief_spy_america_relax/

• Spooks nicking your tech? What you need is THE CLOUD - NSA boss (5 June 2013)

  https://www.theregister.com/2013/06/05/nsa_cycon_keynote/

• Hackers break onto White House military network (1 October 2012)

  https://www.theregister.com/2012/10/01/white_house_hack/

• Attack of the clones: Researcher pwns SecureID token system (24 May 2012)

  https://www.theregister.com/2012/05/24/rsa_downplays_secureid_token_clone_attack/

• Lockheed bags $454m to tool up Pentagon's Cyber Crime Center (4 May 2012)

  https://www.theregister.com/2012/05/04/lockheed_wins_cybercrime_centre_contract/

• Hidden Dragon: The Chinese cyber menace (24 December 2011)

  https://www.theregister.com/2011/12/24/china_cybercrime_underground_analysis/

• Krebs nabs ‘RSA attack’ list (25 October 2011)

  https://www.theregister.com/2011/10/25/rsa_attak_list_leaked/

• RSA defends handling of two-pronged SecurID breach (11 October 2011)

  https://www.theregister.com/2011/10/11/rsa_securid_breach_keynote/

• SecurID breach cost RSA $66m (27 July 2011)

  https://www.theregister.com/2011/07/27/rsa_security_breach/

• RSA makes token offer to worried customers (7 June 2011)

  https://www.theregister.com/2011/06/07/rsa_token_replacement_offer/

• Stolen RSA data used to hack defense contractor (6 June 2011)

  https://www.theregister.com/2011/06/06/lockheed_martin_securid_hack/

• Second defence contractor targeted in RSA SecurID-based hack (1 June 2011)

  https://www.theregister.com/2011/06/01/military_contractor_2nd_rsa_securid_hack/

• RSA explains how attackers breached its systems (4 April 2011)

  https://www.theregister.com/2011/04/04/rsa_hack_howdunnit/

• RSA won't talk? Assume SecurID is broken (24 March 2011)

  https://www.theregister.com/2011/03/24/rsa_securid_news_blackout/

• RSA breach leaks data for hacking SecurID tokens (18 March 2011)

  https://www.theregister.com/2011/03/18/rsa_breach_leaks_securid_data/