February 02, 2012

Security breaches impacting VeriSign emerge in filing

VeriSign, the company that manages more than 100 million .com, .net and .gov domains, was hacked numerous times in 2010, and the intruders got away with unspecified data.

The breaches, reported Thursday in a Reuters story, were acknowledged by VeriSign in a recent filing with the U.S. Securities and Exchange Commission (SEC). VeriSign compiled the filing amid new SEC guidance issued in October.

"In 2010, the company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers," the filing said. "We have investigated and do not believe these attacks breached the servers that support our domain name system (DNS) network. Information stored on the compromised corporate systems was exfiltrated."

If the DNS network went untouched, that means the ability for users to connect to their intended web destination was not affected. However, VeriSign offers other services, including serving as an issuer of SSL certificates, a division that is now owned by Symantec.

There have been recent instances of hackers compromising the infrastructures of certificate authorities like VeriSign to dispense fraudulent SSL certs, which can permit an attacker to mimic trusted websites and steal sensitive information. However, a Symantec spokeswoman told Reuters that there is no reason to believe the breaches mentioned in the filing had anything to do with this business unit.

The breaches happened in 2010, but executive management wasn't notified until September 2011, according to the Reuters report. Former VeriSign CTO Ken Silva, who left the company in November 2010, wasn't familiar with the incidents.

Neither a VeriSign nor a Symantec representative could be reached for comment when contacted by SCMagazine.com on Thursday.

Sam Visner, former chief of intelligence programs at the National Security Agency who currently serves as the cyber lead for IT services firm CSC, said the attackers likely went after VeriSign to enable another exploit.

"It tells me the kind of people we're dealing with are increasingly planful," he told SCMagazine.com on Thursday. "Depending on what they took, the information could conceivably be used to enable something else. VeriSign is not a target any more than RSA was."

Related Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.