DigiNotar Certificate Authority Banned For Life From Chrome And Firefox
Internet security is something that a lot of us worry about, but how much do we know about what goes on behind the scenes? In very many cases we know almost nothing, and rely on internet security programs and certificates to tell us that our data is safe.
However, online fraud, phishing and identity theft have been on the rise for the past decade, and now constitute the largest form of online criminal activity. It is estimated that losses from this are well into the billions of pounds each year, and with the constant increase and diversity of the ways people access the internet it is a problem that is set to continue.
An example of this has been uncovered recently with the Dutch company DigiNotar. They were a company called a ‘certificate authority’, which issues digital security certificates based on public key encryptions. These give the base for the security of everyday users, who see an SSL certificate and assume they are safe.
The problem began when lax security policies at DigiNotar ended up in a network breach. The hackers that broke in then managed to forge and distribute many different certificates including Google, Mozilla and over 200 others. This in turn put millions of people at risk, not to mention that the same company was responsible for security certificates relating to sensitive government information. Worse than their inability to account for security certificates was the six week period it took them to own up to it, angering many people around the world.
This breach has now been brought under control, with Google and Mozilla adding the offending certificates to their blacklists, but not without consequence for DigiNotar. Since the debacle they have officially been banned for life by both of these internet giants, and the bad publicity has caused the company to go into administration with the loss of several hundred jobs.
Although the results of this whole episode haven’t been as disastrous as many thought it could be, it is a stark warning of the dangers of the internet. It only takes sloppy security in one part of the chain for it to potentially collapse altogether. At Pixel Internet we take our security very seriously and do our best to stay on top of all latest news stories like this, in turn keeping our customers as secure as possible.