Japanese-owned certificate authority GlobalSign has temporarily stopped issuing certificates, after the hacker thought to be responsible for the DigiNotar breach claimed to have compromised its systems.
Certificate authority GlobalSign has temporarily stopped issuing certificates, after the hacker thought to be responsible for the DigiNotar breach claimed to have compromised its systems.
After breaking into the Dutch DigiNotar certificate authority, the hacker was able to create fraudulent SSL certificates that could be used in attacks to steal Google.com logins and credentials. The alleged attacker, 'Comodohacker', claimed to have similarly compromised GlobalSign on Tuesday.
"GlobalSign takes this claim very seriously and is currently investigating," the company said in a security advisory on Tuesday. "As a responsible [certificate authority], we have decided to temporarily cease issuance of all certificates until the investigation is complete."
In addition, the company has called on security company Fox-IT to look into the intrusion.
"GlobalSign has now appointed Fox-IT due to their previous involvement in investigating the DigiNotar hack. This is a precautionary measure as we continue to assess the Comodohacker's claims," GlobalSign chief marketing officer Steve Waite said in a statement.
Digital certificates are a form of online cryptographic identification. Hackers can use spoofed certificates to fool users into thinking they are visiting trusted sites.
'Comodohacker' said they had access to three more certificate authorities in a Pastebin document on Tuesday.
The hacks could have wide-ranging consequences for the use of certificates to guarantee a measure of trust on the internet.
For example, Google, Mozilla and Microsoft have taken the unprecedented
step of removing DigiNotar root certificates from their products,
including certificates for the Dutch government.
The attack on DigiNotar has led to the Dutch government assuming operational management of DigiNotar certificates. The breach may have compromised up to 300,000 Iranians, according to Fox-IT. The hack on DigiNotar involved writing rootkits, and using zero-day vulnerabilities to access the systems, Comodohacker said in the Pastebin document.
In addition, Comodhacker claimed to have the ability to issue Windows Updates, despite assurances from Microsoft that it had complete control of its patch service.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.