DigiNotar, GlobalSign targetted.

The recent hack targetting the Dutch Internet Trust Provider, DigiNotar, appears to have been politically motivated, according to the apparent hacker: https://twitter.com/#!/ichsunx2.

According to the interim, investigative report by Fox-IT, the infrastructure at DigiNotar included unpatched web servers, no server anti-virus protection, a weak domain administrator password and an intrusion prevention system which did not block the web server attacks. The full report can be found here.

By gaining access to these servers, the hacker was able to issue bogus digital certificates, which has serious implications to organisations offering secure web services and the users making use of these services. As a result, both Microsoft and Mozilla have revoked their trust in the DigiNotar Certificate Authority. Underlining the seriousness of this, Mozilla explain this as a “last resort” measure:


As a precaution, another Certificate Authority, GlobalSign, has temporarily stopped issuing certificates following one of the first postings (http://pastebin.com/1AxH30em) by the apparent hacker. The BBC Tech website gives more details: