Stealth hack attacks fundamentally challenge online security

Recent hack attacks on three digital security certificate companies, the bodies which reassure consumers of the safety of websites, pose a fundamental challenge to the security of the internet, claims CFC Underwriting today.

Graeme Newman, director at CFC, says: “I would be very wary indeed of putting my credit card details into a web page at the moment; even when you think a site is safe, there’s no way of being sure any more.”

With more and more of us using the web to conduct our lives, digital certificates have become the main way consumers reassure themselves of the authenticity of a site before they input sensitive information such as credit card numbers or personal data.

But this summer, hackers gained access to Dutch digital certificate supplier DigiNotar and began issuing forged certificates. And it wasn’t a fluke. The same fate befell US firm Comodo and Japanese-owned GlobalSign, demonstrating that the technology and willpower exist to perform this frightening type of attack. DigiNotar has just filed for bankruptcy, unable to cope with the fallout of the security breach.

It’s not just security certificates that are under threat either. Researchers have recently discovered a serious weakness in SSL. The protocol, which is meant to protect data passing between web servers and end-user browsers and underpins the security of nearly every website from PayPal to Gmail, can now be silently decrypted by hackers, making most online transactions vulnerable to eavesdropping and worse.

Newman continues: “The core infrastructure of the web is under attack. Much like the banking industry, the internet relies almost entirely on one important component – trust. Until recently, there has been a reasonable expectation that certain sites will be safe to use because trusted bodies such as digital certificate authorities assure us they are. The news of these hack attacks and the SSL vulnerabilities, however, calls into question the fundamental security model upon which the internet operates, putting our trust on the line.”
