Hacked Dutch Computer Certificate Authority did not even have anti-virus software installed
The DigiNotar hack essentially blew a hurricane-strength breeze at the fragile house of cards built by certificate authorities. There are too many of them around the world, and many of them subcontract the issuing of certificates to third parties who aren’t thoroughly vetted.
One would think DigiNotar, which was so prominent that the Dutch government had it handle its own certificates, would take extra precautions to keep itself secure, seeing as so many important Web domains rely on it, but clearly, that wasn’t the case.
A report from Fox-IT, the security auditors hired to investigate the DigiNotar breach — Fox-IT called the hack “Operation Black Tulip” — found that DigiNotar had been compromised for more than a month without the company taking action.
That’s not the most glaring oversight; all of the SSL certificates belonged to a single Windows domain with a weak password, allowing the hacker to access them all in one fell swoop, Fox-IT found.
Perhaps the most disturbing findings: “The software installed on the public Web servers was outdated and not patched,” Fox-IT wrote, and “No anti-virus protection was present on the investigated servers.”