An unnamed senior executive at GlobalSign told ZDNet that it failed to update a web server that was the victim of an attack in September 2011.
GlobalSign stopped issuing SSL certificates on September 6, 2011, about 24 hours after a hacker claimed to have access to its systems. The certificate authority investigated the claim with external investigation firm Fox-IT and determined that no rogue certificates were issued and no customer data was exposed during the incident, which affected a server that hosted its website and was isolated from all other infrastructure.
While it seems like something that can be easily avoided, unpatched servers have made organizations vulnerable to hackers in the past. Unpatched servers and outdated software can be risky, so it is critical for web hosts to impress upon customers that updating software is important, since updates contain bug fixes that are essential to securing websites and data online.
In an interview with the WHIR in January, GlobalSign chief executive officer Steve Waite discussed the company's reaction to the breach, and the need for CAs to take responsibility in maintaining safe and secure Internet transactions.
GlobalSign was apologetic for its two-week absence as it investigated the incident, but stood by its decision. Reactions were mixed on GlobalSign’s decision; some thought it was unnecessary, and others applauded the certificate authority for its thorough investigation.
According to an incident report released in December 2011, GlobalSign rebuilt its certificate infrastructure with new hardware and hardened images for all services.
Following the GlobalSign security incident, the CA/Browser Forum issued the “Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates” as the first international standard for operation of certificate authorities that issue digital certificates. The standard will go into effect July 1, 2012.
This new development comes two days after CDN provider NetDNA announced that it has partnered with GlobalSign to launch EdgeSSL, an SSL certificate solution for the NetDNA content delivery network.