Reuters revealed just a few days ago that VeriSign was repeatedly hacked during 2010. The news might never have come out if it weren't for new guidelines on reporting security breaches to investors. Once the quarterly U.S. Securities and Exchange Commission filings were revealed, Reuters researchers scoured more than 2,000 documents mentioning the breach.
Most security experts describe the news as incredible. How could this go on for so long without anyone bothering to do or say anything? As TIME Magazine pointed out:
We're not talking about McDonald's getting hacked. Even the security breach of Sony's PlayStation Network, which put millions of people's personal information at risk, wasn't this bad. We're talking about the breach of a company that, in its own marketing materials, boasts that "more than half (56%) of the world's DNS hosts rely on the Verisign .net and .com infrastructure." The fact that a company this big and this central to the Internet would wait so long to reveal it had been attacked is unacceptable.
This was a total meltdown of the security process. No one bothered to notify senior management and the breach was kept hidden from the public. Even scarier is that VeriSign doesn't seem to think it is that big of a deal. As Reuters stated:
VeriSign said its executives "do not believe these attacks breached the servers that support our Domain Name System network," which ensures people land at the right numeric Internet Protocol address when they type in a name such as Google.com, but it did not rule anything out.
General outrage is being expressed now, along with a few calls for a change in what types of breaches need to be disclosed and how soon. Of course, we don't know when, or if, anything will change after this VeriSign news. That's why now, more than ever, companies need to keep a close eye on the VeriSign certificates. As Mandeep Khera, CMO with LogLogic, told me:
Organizations can keep logs of these certificates while watching for unusual network activities, with the assumption that the 'keys to the kingdom' might have been compromised. Security has to become a paramount issue for all companies from network to application to monitoring logs on a regular basis if we ever want to have a fighting chance against hackers.