GlobalSign web certificate authority back online after breach by hacker

Belgian web certificate authority (CA) GlobalSign is back online after investigating claims by the hacker who breached the Dutch DigiNotar CA that its systems had also been breached.

Belgian web certificate authority (CA) GlobalSign is back online after investigating claims by the hacker who breached the Dutch DigiNotar CA that its systems had also been breached.

The attack on DigiNotar resulted in fraudulent web authentication certificates being issue for hundreds of websites, including google.com.

As soon as the DigiNotar hacker made the claim about GlobalSign, the CA suspended certificate issue on 6 September.

Three days later, GlobalSign, the fifth largest digital certificate issuer, confirmed that it had found evidence of a breach to the web server hosting its website, but said the server was isolated from all other infrastructure and there was no evidence of any further breach.

The CA said it would begin work on returning services to normal, but would continue to monitor all activity on all services as a precaution.

The company is still investigating whether bogus certificates were created in its name, according to the BBC.

The breach at DigiNotar raised concerns about the CA system, as digital certificates are used to verify the identity of a person or device, authenticate a service or encrypt files.

Consequently, a fraudulent certificate may be used to spoof web content, perform phishing attacks or perform man-in-the-middle attacks.

Read more on IT risk management