Attackers successfully penetrated the network defenses of network infrastructure vendor VeriSign Inc. several times in 2010, potentially obtaining data from a “small portion” of the company's computers and servers.
The company disclosed the information security breach in an October 2011 Securities and Exchange Commission filing and said it believes the scope of the breach was limited.
“In 2010, the company faced several successful attacks against its corporate network by which access was gained to information on a small part of our computers and servers. Information stored at the compromised corporate systems was exfiltrated,” VeriSign said in the SEC filing. “We have investigated and don't believe these attacks breached the servers that support our Domain Name System (DNS) network.”
If attackers gained access to servers supporting the DNS network, they could, for starters, potentially redirect Internet traffic to malicious domains or intercept email messages.
A VeriSign spokesperson didn't reply to a request for more information concerning the breach. The VeriSign security breach disclosure was reported today by Reuters. Public companies are required under SEC rules to disclose to shareholders anything that could negatively affect the stock. VeriSign explained the 2010 breach of its systems as part of that disclosure process. It followed new guidelines issued by the SEC clarifying breach disclosure.
VeriSign said it is unaware of any stolen data being used in subsequent attacks. Attackers have been targeting certificate authorities (CAs) to try to create fraudulent digital certificates. At the time of the breach, VeriSign still had its SSL and authentication business. VeriSign sold its authentication unit to Symantec Corp. in August 2010. A Symantec spokesperson told Reuters that there's no indication that the breach was related to the purchase.
The company said it deployed additional security controls to thwart additional attacks. VeriSign said the attacks weren't reported to the company's management until September 2011. Ken Silva, who was VeriSign's chief technology officer for 3 years until November 2010, told Reuters that he did not learn of the intrusion. The company has implemented new reporting procedures to escalate breach disclosure within the organization.
While the significance of the VeriSign intrusion remains unclear, it is a reflection of what's taking place across the entire industry, said Anup K. Ghosh, a noted security expert and founder and chief scientist at secure browser maker Invincea. The security industry, Ghosh said, is failing at architecting systems and technologies that could prevent breaches.
“They clearly have intellectual property and certificates that might be of interest to nation state types and other cybercriminals,” Ghosh said of VeriSign. “There are nation state adversaries like China and Eastern Europe going after corporate data, hacktivists and cybercriminals attacking to generate profits; corporations are under threat from all three of those actors and our security systems are currently failing.”
VeriSign issues statement; non-production systems breached
VeriSign Inc. is reaffirming its stance that its Domain Name System (DNS) was not compromised as a result of a 2010 breach of its systems. In a press release issued Thursday, VeriSign said that attackers penetrated parts of its non-production corporate network. The company said it conducted an intensive analysis of the attacks and echoed its October Securities and Exchange Commission filing that the operational integrity of the DNS remains intact.
The company said it has multiple security mechanisms in place to confirm the integrity of the zone files it publishes. Many of those security controls, including real-time monitoring and validation, were put in place in 2005, well before its 2010 breach, the company said.
“VeriSign engineered real-time validation systems that were designed to detect and mitigate both internal and external attacks that could try to compromise the integrity of the DNS,” a company spokesperson said in a press release.
VeriSign maintains two of a couple of dozen root name servers, which make sure that domains are properly resolved.