Security Experts:

Hacker Forces DigiNotar Into Bankruptcy

Following the recent cyber attack that resulted in an intrusion into DigiNotar’s Certificate Authority (CA) infrastructure and the fraudulent issuance of SSL certificates for hundreds of domains, including Google.com, CIA.Gov and many others, DigiNotar officially will be closing its doors for good.

VASCO Data Security, DigiNotar’s parent company, today said that DigiNotar had filed a voluntary bankruptcy petition on Monday, September 19, 2011 and was declared bankrupt by a Dutch Court today.

DigiNotar Forced Into BankruptcyThis announcement should come as no surprise. The company halted sales of its digital certificates following the incident, and the revenue generated for VASCO Data Security who acquired DigiNotar for $12.9 million in January 2011, was minimal. DigiNotar in the first six months of 2011 generated less than 100,000 Euro in revenue from its SSL and EVSSL business.

The Court appointed a bankruptcy trustee and a bankruptcy judge to manage the bankruptcy process. The trustee will work under the supervision of the judge and be responsible for the administration and liquidation of DigiNotar. The Trustee is required to report to the Judge and his reports are expected to be made available to the public and will serve as a source of information to the creditors and other stakeholders.

"Although we are saddened by this action and the circumstances that necessitated it," said T. Kendall Hunt, VASCO's Chairman and CEO. "We would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO's strong authentication business.”

"While we do not plan to re-enter the certificate authority business in the near future, we expect that we will be able to integrate the PKI/identity verification technology acquired from DigiNotar into our core authentication platform,” Hunt added.

"We are working to quantify the damages caused by the hacker's intrusion into DigiNotar's system and will provide an estimate of the range of losses as soon as possible, " said Cliff Bown, VASCO's Executive Vice President and CFO.

“The general lesson it is that we must understand that all organizations are at risk for compromise by determined adversaries,” said Anup Gosh, Founder & Chief Executive Officer at Invincea in a previous statement to SecurityWeek. “This problem is everyone's and no one is immune given that our adversaries have continued to innovate while as an industry Information Security has largely remained stagnant.”

The hacker who claimed responsibility for the attack identifies himself as “Comodohacker”, a 21-year old hacker acting as an individual, has also hacked other CA’s, but this is the first that officially has been forced out of business as a result. Will ComodoHacker force other Certificate Authorities out of business?

Systems at GlobalSign, one of the longest established Certification Authorities, were also recently compromised, though not to the extent as DigitNotar, which an investigation reported had very weak security practices in place. GlobalSign’s breach appears to be limited to only a Web server that hosted the company’s Web site. The company did temporarily halt sales of its digital certificates but has since resumed selling them.

The claimed hacker, reportedly an Iranian loyalist, says he has developed an “unbreakable” system for replacing SSL certificates. “If my country get equal right as USA in controlling emails, I may share my brilliant unbreakable encryption system for replacement of SSL and CA system,” he wrote in a previous statement. He also hints at his bright future as a hacker, writing: “P.S.S. never forget, I'm just 21, you have to see much more from me!”

Subscribe to the SecurityWeek Email Briefing
view counter