September 11, 2011

GlobalSign halts issuing SSL certificates after hack scare

Mozilla warns Web certificate issuing companies to show proof that their systems are safe or risk being blocked

By CBR Staff Writer

GlobalSign has become the second company to halt issuing SSL certificates, the certificates that vouch for the identity and security of websites, after an anonymous hacker claimed to have breached its security.

Recently, it was revealed that Dutch company DigiNotar had its certificates stolen by hackers.

GlobalSign, the Belgium-based subsidiary of Japan’s GMO Internet, said that though it is unsure whether it has actually been hacked, the company is taking the threats by an anonymous hacker seriously.

After last week’s revelations of the breach in DigiNotar, Google has also advised its users in Iran to change their passwords.

"We learned last week that the compromise of a Dutch company involved with verifying the authenticity of websites could have put the Internet communications of many Iranians at risk, including their Gmail," Google vice president of security engineering Eric Grosse said.

"While users of the Chrome browser were protected from this threat, we advise all users in Iran to take concrete steps to secure their accounts," Grosse said.


Mozilla has asked Web certificate authorities to audit their security or risk being dumped from Firefox, according to a BBC report.

Mozilla has said that Web security certificate issuing companies must provide proof that they have protected their systems, and must reveal what steps they take when certificates are issued to prevent fraudulent certificates from being generated.

Meanwhile the Netherlands’ national prosecutors have begun a probe into the breach at DigiNotar for possible criminal negligence.

Preliminary investigations showed that the company’s negligence could have led to hacking and fraudulent use of its certificates.

DigiNotar has said that an "intrusion" resulted in the "fraudulent issuance of public key certificate requests for a number of domains, including"

"At that time, an external security audit concluded that all fraudulently issued certificates were revoked," DigiNotar said.
"Recently, it was discovered that at least one fraudulent certificate had not been revoked at the time."

"After being notified by Dutch government organization Govcert, DigiNotar took immediate action and revoked the fraudulent certificate," the company said.

It is believed that the stolen Web security certificates from DigiNotar were used to spy on 300,000 Iranian Google email accounts. Close to 300,000 unique IP addresses from Iran made requests using a rogue certificate issued by Dutch digital certificate authority DigiNotar, according to an interim report by security firm Fox-IT, released on Monday.

The rogue certificates were issued on 10 July by DigiNotar, and finally revoked on 29 August.

The report said that DigiNotar used weak passwords, did not update its software on public servers and had no antivirus protection on internal servers. DigiNotar has also been accused of being slow to disclose a hacking incident which is suspected to have been supported by the Iranian government.
