GlobalSign admits an unpatched server led ComodoHacker to breach its system

Security Firm GlobalSign Says Outdated Open Source Software Led to Breach


Outdated open-source software was behind the GlobalSign web server breach last year, a report by ZDNet on Thursday says.

An unnamed senior executive at GlobalSign told ZDNet that the company had failed to update the web server that was the victim of an attack in September 2011.

GlobalSign stopped issuing SSL certificates on September 6, 2011, about 24 hours after a hacker claimed to have access to its systems. The certificate authority investigated the claim with external investigation firm Fox-IT and determined that no rogue certificates were issued and no customer data was exposed during the incident, which affected a server hosting its website that was isolated from all other infrastructure.

While it seems like something that can be easily avoided, unpatched servers have left organizations vulnerable to hackers in the past. Unpatched servers and outdated software are risky, so it is critical for web hosts to impress upon customers that updating software matters: updates contain bug fixes that are essential to securing websites and data online.

In an interview with the WHIR in January, chief executive officer for GlobalSign Steve Waite discussed its reaction to the breach, and the need for CAs to take responsibility in maintaining safe and secure Internet transactions.

GlobalSign was apologetic for its two-week absence as it investigated the incident, but stood by its decision. Reactions to GlobalSign’s decision were mixed; some thought it was unnecessary, and others applauded the certificate authority for its thorough investigation.

According to an incident report released in December 2011, GlobalSign rebuilt its certificate infrastructure with new hardware and hardened images for all services.

Following the GlobalSign security incident, the CA/Browser Forum issued the “Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates” as the first international standard for the operation of certificate authorities that issue digital certificates. The standard will go into effect July 1, 2012.

This new development comes two days after CDN provider NetDNA announced that it has partnered with GlobalSign to launch EdgeSSL, an SSL certificate solution for the NetDNA content delivery network.

Talk back: Are you surprised that an unpatched server caused the breach? Do you think security measures have increased since the breach last year? Let us know in the comment section.
