Security Management Strategies for the CIODigiNotar, a Dutch certificate authority, has filed for bankruptcy protection only two weeks after a security audit found major lapses in the firm’s defenses, which resulted in a successful attack of its digital certificate systems.
A court in the Netherlands declared the company bankrupt on Tuesday and began managing the company as it proceeds through the bankruptcy process. A Trustee will supervise the liquidation of all DigiNotar assets, the firm’s parent company, VASCO Data Security International Inc., said in a statement.
“Although we are saddened by this action and the circumstances that necessitated it, we would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology,” T. Kendall Hunt, VASCO’s chairman and CEO, said in a statement.
Hunt said the PKI/identity verification technology acquired from DigiNotar would be integrated into VASCO’s core authentication platform. The company would also continue to cooperate with the Dutch government in its investigation of the breach, he said.
“We expect that a significant portion of the value assigned to the intellectual property acquired from DigiNotar to continue to have value as we incorporate the technology into our existing product line,” Hunt said.
The DigiNotar
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
security breach echoed around the world, after researchers discovered that the
attacker was able to get the firm to issue fraudulent SSL certificates for several high-profile
sites, including Google. The attack enabled the Iranian-based hacker to potentially read Gmail
messages. It also prompted browser makers to issue critical security updates, blacklisting
the DigiNotar certificates. Hundreds of rogue DigiNotar digital certificates were created for
other high-profile domains.
Security experts said the certificate authority breach and previous breaches, including one at a subsidiary of U.K.-based certificate authority, Comodo Ltd., highlight the weaknesses in the current digital certificate system. They say alternatives currently under development would be able to verify the authenticity of a website without using a digital certificate.
~Robert Westervelt, News Director
Join the conversationComment
Share
Comments
Results
Contribute to the conversation