GlobalSign resumes issuing security certificates

GlobalSign website GlobalSign temporarily suspended new certificates after claims that a hacker had breached its systems

Related Stories

Belgian security firm GlobalSign is to resume issuing website authentication certificates, after a hacker claimed to have breached its systems.

The company is still investigating whether bogus certificates were created in its name.

Had that happened, cyber criminals would have been able to spy on users accessing supposedly secure sites.

An earlier attack on Dutch company DigiNotar resulted in several hundred false certificates being issued.

GlobalSign said it would start bringing its systems back online on Monday, but did not expect to be processing new certificates until Tuesday.

The company posted a statement on its website: "We are adopting a high threat approach to bringing services back online and we are working with a number of organisations to audit the process of bringing the services back online."

As well an an internal audit, GlobalSign has also asked an external security consultant - Fox IT - to review its systems. The same company carried out an investigation into the attack on DigiNotar.

Even as it was preparing to resume issuing authorisation certificates, GlobalSign experienced an attack on a separate system used to operate its website.

The company said that the server was isolated from the rest of its infrastructure and only used to serve www.globalsign.com.

Anonymous claims

GlobalSign temporarily halted the creation of new certificates in response to an anonymous posting uploaded to the pastebin website.

Authentication certificate Authentication certificates are used to verify secure websites

The author, who identified themselves only as "ComodoHacker", claimed to have gained access to four certificate authorities, in addition to DigiNotar.

There was no hard evidence that GlobalSign's systems were compromised.

However it decided to take the precaution because of the severity of the earlier attack on DigiNotar.

It is believed that at least 500 false certificates were created with that company's system. Many ended up being used in Iran, potentially giving users a false sense of security when accessing services such as GMail.

Authentication certificates are used by some websites to give their users secure access.

Typically these take the form of a TLS or SSL connection - which can be identified by the appearance of a padlock logo and "https" prefix.

Together, they are supposed to guarantee that the site is what it appears to be, and that the user's session is not being monitored.

Hundreds of bodies - known as certificate authorities (CAs) - are allowed to provide such authentication.

More on This Story

Related Stories

More Technology stories

RSS

Features & Analysis

  • Cerro RicoSatanic mines

    Devil worship in the tunnels of the man-eating mountain


  • Nefertiti MenoeWar of words

    The woman who sparked a row over 'speaking white'


  • Oil pumpPump change

    What would ending the US oil export ban do to petrol prices?


  • Brazilian Scene, Ceara, in 1893Sir Snapshot

    19th Century Brazil seen through the eyes of an Englishman


Elsewhere on the BBC

  • SailingGame on

    BBC Capital discovers why certain sports seem to have a special appeal for those with deep pockets

Programmes

  • Prof Piot, the first person to indentify Ebola virusHARDtalk Watch

    Ebola expert warns travellers could spread the disease further if it is not contained

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.