Second security certificate firm hacked
GlobalSign forced to temporarily close security certificate business following alleged hack
A second authentication certificate firm in Europe has been compromised by hackers and has temporarily been forced to stop issuing security certificates.
According to the BBC, Belgian security firm GlobalSign has suspended its business after a hacker claimed to have breached the company's servers.
This follows last month's breach at certification certificate firm DigiNotar, based in the Netherlands.
When computers connect to a site with TLS or SSL authentication, a certificate is issued which verifies the site's identity to the web browser, if hackers created a fake certificate, this could allow them to spy on user's activities online.
GlobalSign said they stopped issuing security certificates after a hacker posted a note on the online noticeboard of Pastebin which claimed the hacker, known as ‘Comodo Hacker' had gained access to four certificate authorities, in addition to DigiNotar.
Only GlobalSign is named in the post, although the message points out that an attack on StartCom was foiled.
Trend Micro has said that the DigiNotar hack targeted Iranians with fake security certificates.
ComodoHacker also refers to an attack on US certificate authority Comodo in March.
The hacker also dismissed suggestions that the hacks were the work of the Iranian government.
"I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain," said the posting in Pastebin.
The posting by the hacker does outline a political agenda however.
"Dutch government is paying what they did 16 years ago about Srebrenica, you don't have any more e-Government huh?"
The statement seems to refer to the 1995 Srebenica massacre, where Serbian forces killed over 8,000 Bosnian Muslims and Dutch peacekeeping forces failed to intervene.