Globalsign confesses to certificate attack

But nothing was taken

By Dave Neal

Wed Dec 14 2011, 13:38

CERTIFICATION AUTHORITY Globalsign has admitted that it was the target of a recent attack, but added that its systems and certificates were not compromised.

The threat of exposure followed the efforts of the Comodohacker, who in early September hacked certificate authority Diginotar and issued bogus certificates as a result. At the time it was suggested that Globalsign had also been affected, but if it was, apparently it was not severely affected.

In a security incident report just released by the firm, it said that despite earlier suggestions it had found no evidence of any rogue certificates having been issued, that no customer data was exposed, and that no harm was done to its infrastructure or systems.

It did confirm that a peripheral web server, which is not part of its certificate issuance infrastructure and hosted a public facing web property, had been breached, however. This means that some data could have been exposed, including publicly available HTML pages, publicly available PDFs, and the SSL certificate and keys issued to www.globalsign.com. According to its statement these were deemed compromised and revoked.

Globalsign said that it responded to the threat with an immediate, strong response, including nine days of service disruption when it stopped issuing certificates.

"The self-titled attacker 'Comodohacker' has been assumed to be a credible threat to security providers," said the firm in its disclosure about the hacking.

"The same post also stated that several other CAs had been compromised, including a reference to GlobalSign. GlobalSign deemed the threat credible and immediately began a thorough network analysis, assuming a highly sophisticated attack had been executed on, or was in process against, multiple Certificate Authorities. GlobalSign deemed the most responsible reaction was to halt issuance of new Certificates."

Globalsign worked with Fox-IT, the company that raised awareness about the security threat, in resolving the issue and resuming its services. µ

Tags: Security Internet

2nd/3rd Line Technical Sup

German Technical support Sp...

INQ Poll

Facebook starts selling shares

Will you buy Facebook shares?

Yes, it's a great investment

Yes, I want to frame a share certificate

No, it's overpriced

No, I'm not stupid

What, Facebook sold shares? I thought it was free

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Globalsign confesses to certificate attack

Share this:

Paypal high street mobile payments app hands-on [Video]

London Olympics: Westfield Stratford prepares for visitor deluge with tech innovation [Video]

Databases

Network management

Security

Service oriented architecture

Storage

2nd/3rd Line Technical Sup

German Technical support Sp...

Read more