GlobalSign: Breach confirmed, SSL certificates not compromised

Summary:GlobalSign admitted that though its public-facing website was hacked, leading to its own SSL certificates being revoked, its secure certificate infrastructure remained unharmed.

Certificate authority GlobalSign admitted it suffered a web server attack but "did not find any evidence" of rogue certificates being issued, compromised certificates, or exposed customer data.

However, its own website's SSL certificate and key for www.globalsign.com was "deemed compromised" and revoked.

(Source: Flickr, CC)

The security firm stopped issuing SSL certificates from September 5th--15th after the company discovered that it had been attacked.

A hacker known as "Comodohacker" compromised other certificate authorities including Comodo and DigiNotar.

While its own website and web servers were attacked by the hacker, the statement issued today said that its website was "peripheral" to certificate-issuing operations.

Though its SSL certificate issuing operations were untouched, "additional security precautions were taken", such as the rebuilding of its certificate infrastructure with new hardware and "hardened images" for all services.

GlobalSign said that it had "learned much" from this incident, acknowledging that the threat landscape has "evolved", and remains committed to mitigating outages and downtime from future attacks.

The security of the web has been called into question after a series of hacks led to certificates being revoked on a widespread scale, and led to the downfall of one key player in the online security industry.

DigiNotor, a Netherlands-based certificate authority, which issued certificates for the Dutch government, subsequently went bankrupt. The Dutch government at the time warned users of its websites that it "could not guarantee the security" of its online services.

Over 500 certificates were believed to have been stolen, affecting users of Facebook, Twitter, and even Microsoft's Windows Update service. State intelligence services from Israel's Mossad, Britain's MI6, and the United States' CIA were also left vulnerable to the incident.

Dutch certificate authority KPN suspended its SSL certificate operations after a security breach was discovered last month.

Related:

Topics: Security, Browser, Networking

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.