Dutch certificate authority KPN has issued a statement, confirming that it will cease issuing operations after a security breach was discovered.
KPN, formerly known as Getronics, which issues SSL-certificates to validate the authenticity of secure websites, will cease issuing certificates after one of its servers had been hacked, thought to be as far back as four years ago.
It's another major blow to the integrity of the web, only a month since Dutch certificate authority Diginotar was hacked, potentially compromising the security of websites belonging to the Dutch government, Google, Facebook and even state intelligence services.
(Source: Flickr, CC)
In the statement, while "existing certificates already issued remain valid", it cannot rule out that the production of certificates -- including pre-existing certificates -- have not been compromised.
It appears that malware may have resulted in the servers, which have now been replaced, were used as part of a botnet to carry out denial-of-service (DDoS) attacks on other companies, businesses and websites. These servers have been replaced to "ensure that certificates issued be optimally safe and reliable".
KPN has begun an internal investigation, as well as asking a third-party to carry out an independent audit of its services. The results of these investigations are expected early this coming week.
The Dutch government has also been informed, the statement reads.
This comes only a month after a Reuters reports said KPN had "won new business" from former Diginotar customers, after its services were compromised. Digtinotar subsequently went bankrupt after its security breach, which affected millions of users around the web.
The Dutch government said around 300,000 users in Iran had been spied on by hackers, thought to be associated with Iran's state intelligence service.
At least half a dozen other certificate authorities have been compromised in the past year. While there has been no evidence to suggest the breaches have led to fake certificates being issued, it does go to show the fragility of the system that is only as strong as the weakest link.
Comodo, StartSSL, and world-renown GlobalSign have all been affected by security breaches.
- Facebook, Google, CIA, MI6 targeted in Dutch government certificate hack
- GlobalSign to resume issuing website certificates after server breach
- Steven J. Vaughan-Nichols: Fake SSL certificates pirate web sites
- Google warns Iranian users of possible security breach
- Google, Mozilla and Microsoft ban the DigiNotar Certificate Authority in their browsers