VeriSign web security breach is warning fo remanufacturers
2 mins read
The VeriSign web security breach, which has only just been revealed after 18 months, is precisely what analyst Gartner warned about in a recent report, citing certificate management as a problem that most companies don't realise they have.
So says Jeff Hudson, CEO of enterprise key and certificate management software firm Venafi, who believes that the news should not be a surprise to anyone.
"Hackers have been targeting and breaching high-value targets like RSA, Comodo, DigiNotar, and now add to the list, VeriSign," says Hudson.
"These targets are all trusted third-party providers of certificates, services or secure tokens – technologies that are extensively used to authenticate and create trusted relationships on the Internet and within organisations worldwide," he continues.
"The inescapable conclusion is that these providers will continue to be compromised: the breaches cannot be stopped.
For manufacturers, he says, the issue is that too many are unaware of the link between automated production lines and SSL certificates in a connected world.
"The expiry of a single certificate can result in hours, if not days, of lost production and revenue. As in the case of Stuxnet, a single certificate embedded in malware resulted in damage to processes and systems," he asserts.
"Airline manufactures, automotive plants and utility suppliers have all been the victims of either rogue or unmanaged certificates, resulting in lost revenue. When one realises that it can take up to a day to replace a single certificate, the damage resulting from having to find and replace every certificate on a line is incalculable," warns Hudson.
All the more so, if this is due to a compromise of the certificate authority itself.
"The problem very often is that organisations forget the small details, and although they may have catered for many scenarios in the event of a production line outage, small things called certificates are overlooked.
"After all who would have thought that a production line used certificates. Today, I don't need to throw a spanner in the works: I just need to get access to the certificate – or the certificate authority."
For him, part of the protection solution is for companies to harness multiple third-party providers. If one is compromised, then they can switch to another that isn't.
Further, he says that organisations must have recovery plans in place "to replace any certificate or service that has been compromised and get it done within hours, not days or weeks".
Hudson's advice is that being prepared with a rapid response is about the only best response.
"The foundational question is not if these third parties will be breached, because there is significant evidence that the breaches will continue. The question becomes: how fast can one switch to another service or certificate when the next breach occurs."
