Comodo Hacker taunt halts GlobalSign’s SSL certificates

GlobalSign brings in FOX-IT to assess potential damage

The world’s fifth largest issuer of SSL (secure sockets layer) certificates, Global Sign, has stopped issuing certificates following a claim that its systems were compromised. 

The company took the decision a day after a person purporting to be the Comodo Hacker,  claimed to have breached the certificate authority’s (CA) systems. 

The person, who took credit for a similar breach at Comodo in March, also claimed to be behind the recent spate of forged certificates from Dutch CA, DigiNotar.

“GlobalSign takes this claim very seriously and is currently investigating. As a responsible CA, we have decided to temporarily cease issuance of all Certificates until the investigation is complete. We will post updates as frequently as possible,” the company said

The CA boasts a number of high traffic clients including the BBC, Toyota, ING, Skype, Virgin Atlantic, Vodafone, BT, Adobe and the UK’s health department, NHS, and pharma giant, Novartis.

On Wednesday it brought in Dutch security firm FOX-IT to assess its systems, the same firm that prepared the incident report for DigiNotar, which revealed 300,000 Iranians had used the forged certificates to access the domain. 

“Fox-IT is the Dutch cybersecurity experts hired to investigate the compromise of the Dutch CA DigiNotar and therefore already have a wealth of current knowledge and experience of the hacker,” it said.

The security firm had made the connection between the Comodo Hacker and the attack on DigiNotar in its report. 

Despite the ComodoHacker’s claim they had breach GlobalSign, the CA said FOX-IT’s hiring was merely a precautionary measure. 

Netcraft placed GlobalSign as the fifth largest issuer of certificates. 


Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags DigiNotarhackerSSL CertificatesFox ITComodo hackerGlobal Sign

More about Adobe SystemsBBC Worldwide AustralasiaBT AustralasiaCA TechnologiesComodoGlobalSignGoogleING AustraliaNetcraftSkypeToyota Motor Corp AustVodafone

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by Liam Tung

Latest Videos

More videos

Blog Posts