The Tech Herald

After a massive security breach - DigiNotar files for bankruptcy

by Steve Ragan - Sep 20 2011, 16:55

DigiNotar, the Dutch Certificate Authority (CA) that suffered a massive security breach, resulting in nearly 300,000 Iranians being compromised, has filed for bankruptcy. The voluntary petition was granted on Tuesday by a court in The Netherlands.

DigiNotar filed for bankruptcy on Monday, less than 24-hours later the petition was approved. In a statement, DigiNotar’s parent company, Vasco, distanced itself from the security breach, promising to cooperate with the Dutch government during the bankruptcy proceedings.

“Although we are saddened by this action and the circumstances that necessitated it,” said T. Kendall Hunt, VASCO’s Chairman and CEO.

“…we plan to cooperate with the Trustee and the Judge to the fullest extent reasonably practicable to bring the affairs of DigiNotar to an appropriate conclusion for its employees and customers. We also plan to cooperate with the Dutch government in its investigation of the person or persons responsible for the attack on DigiNotar. ”

In total, 531 fraudulent certificates were issued during the DigiNotar breach, including certificates for Google, Microsoft, MI6, the CIA, TOR, Mossad, Skype, Twitter, Facebook, Thawte, VeriSign, and Comodo. A security report compiled by Fox-IT, who is investigating the breach, outlined several instances of lackluster security on DigiNotar’s network, and noted that some 300,000 Iranians were exposed in the incident.

“We found that the hackers were active for a longer period of time. They used both known hacker tools as well as software and scripts developed specifically for this task,” the report noted.

“The network has been severely breached. All CA servers were members of one Windows domain, which made it possible to access them all using one obtained user/password combination. The password was not very strong (Pr0d@dm1n) and could easily be brute-forced. The software installed on the public web servers was outdated and not patched. No antivirus protection was present on the investigated servers...”

Despite the breach of trust, Vasco says they will return to CA business in the future. “We want to emphasize that the bankruptcy filing by DigiNotar, which was primarily a certificate authority, does not involve Vasco’s core two-factor authentication business,” said Jan Valcke, Vasco’s COO.

“While we do not plan to re-enter the certificate authority business in the near future, we expect that we will be able to integrate the PKI/identity verification technology acquired from DigiNotar into our core authentication platform.”

It is unknown if said PKI/identity verification technology was also compromised during the breach, though it is assumed that it wasn’t by many following the situation. After the breach made headlines, Microsoft, Mozilla, and Google revoked DigiNotar’s trusted status, pulling their root certificates from all of their products.

“The CA business is all about selling trust. After all, a CA is supposed to be a trusted third party. Let's hope all the remaining ones get the right message: it's not about not getting caught being hacked,” commented Swa Frantzen, of Section 66 – a security services firm in Belgium.

On the contrary, it's about doing the right thing once you have been hacked. Let's hope it leads to more transparency and public scrutiny of the CAs we trust explicitly or implicitly though the choice of some of our vendors.”

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Asian Market Gets McLaren 625C

Sportscar maker McLaren have announced they will release a special model just for the Asian ...

Mercedes-AMG C63 Pictures

We have added some great pictures of the new Mercedes-AMG C63. With a 4.0 liter engine ...

Mercedes-AMG C63 Details

Mercedes have released details of their new Mercedes-AMG C63. This top end of the C-Class li...

Volkswagen Beetle Classic Model Prices

Volkswagen has announced prices for the new limited edition Beetle Classic model. The new Cl...

Chevy Colorado And GMC Canyon Ship To Dealers

General Motors have started shipping their new 2015 Chevy Colorado and 2015 GMC Canyon to de...