Slashdot Mirror

← Back to Stories (view on slashdot.org)

DigiNotar Goes Bankrupt After Hack

Posted by timothy on from the it's-the-little-things dept.

twoheadedboy writes "DigiNotar, the Dutch certificate authority which was recently at the centre of a significant hacking case, has been declared bankrupt. The CA discovered it was compromised on 19 July, leading to 531 rogue certificates being issued. It was only in August that the attacks became public knowledge. Now the company has gone bankrupt, parent firm VASCO said today. VASCO admitted the financial losses associated with the demise of DigiNotar would be 'significant.' It all goes to show how quickly a data breach can bring down a company." Adds reader Orome1: "This is unsurprising, since a report issued by security audit firm Fox-IT, who has been hired to investigate the now notorious DigiNotar breach, revealed that things were far worse than we were led to believe."

4 of 136 comments (clear)

  1. Bankrupt? by Anonymous Coward · · Score: 4, Informative

    How do you go bankrupt before any charges have been laid, fines levied, etc.? Sounds like the parent company ditching them before they can be held liable.

  2. Re:Comodo by Spad · · Score: 4, Informative

    Mostly because they caught the intrusion (which was at a 3rd party rather than directly part of Comodo) and reported it immediately as well as putting in place measures to try and prevent it from happening again.

    DigiNotar didn't notice that they'd been hacked for months and didn't tell anyone for months more and even then they didn't know how badly they'd been hacked or exactly which certs may have been issued to whom.

  3. Misplaced paranoia. by the_raptor · · Score: 4, Interesting

    My favourite part of the article:

    We have strong indications that the CA-servers, although physically very securely placed in a tempest proof environment, were accessible over the network from the management LAN.

    TEMPEST http://en.wikipedia.org/wiki/TEMPEST is a method where you intercept EM radiation from a computer and use that to reconstruct some information about what that computer is doing. For example the US government could supposedly read CRT monitors from a fair distance away.

    However, worrying about TEMPEST protection when you not only have those system connected to systems that are connected directly to the net, but use a single management username and password combo for your entire network is just insane. Even if the system wasn't connected to the Internet the freaking janitor could have placed a key-logger and had access to the entire system.

    It is far cheaper to bribe one employee then spend millions setting up a modern TEMPEST system. I guess even the Dutch practice security theatre.

    --

    ========
    CINC, 4th Penguin Legion
  4. Re:Comodo by heypete · · Score: 4, Informative

    That, and Comodo's core infrastructure (e.g. the stuff that actually does the signing) wasn't compromised.

    The attacker used the compromised third party to issue certificates through the normal channels made available by Comodo to resellers, so it was possible to determine exactly what certificates were issued erroneously.

    At least that was my understanding of what happened, based on information I read several months ago.