[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ISN] VeriSign 2010 Hack: DNS Data Theft A Possibility
By Mathew J. Schwartz
February 02, 2012
Several successful hacks of VeriSign's network, in 2010, might have
compromised critical information relating to the Internet's domain name
According to information released by VeriSign in October 2011, "we have
investigated and do not believe these attacks breached the servers that
support our domain name system network." But the company didn't rule out
that information relating to the DNS network wasn't stolen in the
attacks, which occurred before some assets of the company were acquired
by Symantec in 2010.
VeriSign helps manage the DNS--which enables IP addresses to be mapped
to textual website names--as well as the ".com" top-level domain. But
the company also provides user authentication services, offers website
security services, conducts cybercrime research, and signs code, to
authenticate updates from such software vendors as Microsoft and Adobe,
as well as for Java.
Thursday, however, Symantec said that the attackers definitely hadn't
accessed certain critical systems. "The Trust Services (SSL), User
Authentication (VIP), and other production systems acquired by Symantec
were not compromised by the corporate network security breach mentioned
in the VeriSign Inc. quarterly filing," spokeswoman Nicole Kenyon said
via email. "Symantec takes the security and proper functionality of its
solutions very seriously."
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!