- Egypt rights center raided, 2 Mubaraks acquitted
- New Mexico Supreme Court rules same-sex marriage constitutional
- Blame Bush: 5 years later, that’s still the mantra, pollsters find
- Dutch prostitutes demand same retirement benefits as soccer stars
- John McCain to Harry Reid: I’ll ‘kick the crap’ out of you
- Dogs that talk: Researchers seek $10K for ‘No More Woof’ technology
- 1,000 firefighters called to battle stubborn Big Sur wildfire
- Black Friday brouhaha: Millions of Target shoppers hit by credit card theft
- Britain orders airplane to rescue citizens from violent South Sudan
- Mega Millions winner emerges as Georgia mom, in ‘disbelief’
Second firm warns of concern after Dutch hack
Question of the Day
AMSTERDAM (AP) - A company that sells certificates guaranteeing the security of websites, GlobalSign, said Tuesday it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers.
It said in a statement it does not know whether it has actually been hacked, but is taking threats by an anonymous hacker seriously in the wake of an attack on a smaller Dutch firm, DigiNotar, that came to light last week.
The company did not return phone calls seeking comment.
A Dutch government review of the incident conducted by external information technology experts found that DigiNotar _ whose business is ensuring digital security _ had itself used weak passwords, failed to update software on its public servers and had no antivirus protection on its internal servers.
The company first acknowledged it had been hacked on Aug. 30, a day after Google publicly stated that fake and unauthorized DigiNotar certificates for Google sites were circulating in Iran. Google marked the company’s certificates as dubious, and other web browser makers followed suit.
Only then did DigiNotar acknowledge being hacked on July 19, saying that hackers had issued fake certificates for “a number” of domains. The company said it believed it had withdrawn them all, but missed Google.
On Sept. 3, the Dutch government seized control of DigiNotar’s operations, saying certificates the company had issued to guarantee the safety of numerous Dutch government websites could also no longer be relied on.
The external review by Fox-IT found that the company was actually hacked on June 17th and that hackers had issued 531 bogus certificates for 344 domains in all, including most major Internet communications companies.
Fox-IT and other experts have concluded the hackers were helping the Iranian government spy on citizens who thought they were accessing Google email securely due to the bogus DigiNotar seal of approval.
“We are definitely going to look at…whether this is culpable negligence by the company that they didn’t report this,” Interior Minister Piet Hein Donner said at a news conference late Monday.
The government also is investigating who was behind the hack, though that may be difficult to verify without help from Tehran.
An unknown hacker who claimed responsibility for a similar breach of U.S.-based certificate issuer Comodo Inc. in March, has also claimed responsibility for the DigiNotar hack.
In a posting on Pastebin.com under the handle “ComodoHacker” on Monday, he or she offered a user name and password for an administrator’s account at DigiNotar as evidence.
The post also boasted of having hacked four other “high profile” certificate providers, including GlobalSign.
“GlobalSign takes this claim very seriously and is currently investigating,” the company said in a statement.
“ComodoHacker” has used phrases in the Farsi language spoken in Iran in previous posts to Pastebin _ including a phrase that also was found by Fox-IT in a message left on DigiNotar’s servers. Monday’s post cited anti-Dutch political motivations for the attacks.
Donner said that in the wake of the incident the Dutch government is considering legislation that would make it mandatory for companies to disclose computer hacks and data leaks.
By Andrew P. Napolitano
Fourth Amendment says Obama is not at liberty to collect metadata
- Calling prison term disparities unfair, Obama commutes sentences for 8 crack offenders
- Homeland Security helps smuggle illegal immigrant children into the U.S.
- Gov't wasted $30 billion on 'pillownauts,' crystal goblets -- buying human urine!
- Armed response, not restrictive gun laws, brought swift end to school shooting
- Bill Gates: The Secret Santa disguised as a 'friendly fellow' on Reddit
- Obamacare 'pajamas boy' gets roundly mocked
- Duck Dynasty Phil Robertson suspended indefinitely for gay quip
- U.S. pilot scares off Iranians with 'Top Gun'-worthy stunt: 'You really ought to go home'
- U.S. Army mulls wiping out memory of Robert E. Lee, 'Stonewall' Jackson
- BOLTON: Nero in the White House
Independent voices from the The Washington Times Communities
Paul Rondeau exposes the propaganda, media tricks, and government policies that undermine our families, faith, freedom…and even life itself
Implement these actionable tips, how-to’s and best practices in 10 minutes or less to leverage online communications and technology for brand, business and career development.
The world impacts us. What happens in our towns, cities, states, country and on this planet makes a difference to us.
Top 10 handguns in the U.S.
Extraordinary day at Redskins Park
White House pets gone wild!
Let it snow