Security breaches impacting VeriSign emerge in filing

February 2, 2012

VeriSign, the company that manages more than 100 million .com, .net and .gov domains, was hacked numerous times in 2010, and the intruders got away with unspecified data.

The breaches, reported Thursday in a Reuters story, were acknowledged by VeriSign in a recent filing with the U.S. Securities and Exchange Commission (SEC). VeriSign compiled the filing amid new SEC guidance issued in October.

"In 2010, the company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers," the filing said. "We have investigated and do not believe these attacks breached the servers that support our domain name system (DNS) network. Information stored on the compromised corporate systems was exfiltrated."

If the DNS network went untouched, users' ability to connect to their intended web destinations was not affected. However, VeriSign offers other services, including serving as an issuer of SSL certificates, a division that is now owned by Symantec.

There have been recent instances of hackers compromising the infrastructures of certificate authorities like VeriSign to dispense fraudulent SSL certs, which can permit an attacker to mimic trusted websites and steal sensitive information. However, a Symantec spokeswoman told Reuters that there is no reason to believe the breaches mentioned in the filing had anything to do with this business unit.

The breaches happened in 2010, but executive management wasn't notified until September 2011, according to the Reuters report. Former VeriSign CTO Ken Silva, who left the company in November 2010, wasn't familiar with the incidents.

Neither a VeriSign nor a Symantec representative could be reached for comment when contacted by SCMagazine.com on Thursday.

Sam Visner, former chief of intelligence programs at the National Security Agency, who currently serves as the cyber lead for IT services firm CSC, said the attackers likely went after VeriSign to enable another exploit.

"It tells me the kind of people we're dealing with are increasingly planful," he told SCMagazine.com on Thursday. "Depending on what they took, the information could conceivably be used to enable something else. VeriSign is not a target any more than RSA was."
