The US is about to do something big, including cyber warfare; word has just been put out that VeriSign was hacked

Posted by: 走肖圼昱, 2012-02-02 14:23:01, in [World Military Forum (世界军事论坛)]
_news/2012/02/02/10302393-verisign-at-webs-core-hacked-what-does-it-mean-to-you



It's possible that the VeriSign hackers could turn the Web upside down and create an Internet where nothing would be what it seems.  A hacker website could look and act just like your bank's website. Your PC could easily be tricked into downloading automatic software updates that would appear authentic but actually contain viruses. And no matter what web address you typed into your browser, you could be redirected to a criminal's website half-way around the world. 

But there's important context to this story which might ratchet down the "Oh My God!" factor considerably.  For starters, there is reason to believe that VeriSign's revelation is nothing more than evidence companies are starting to comply with rules forcing them to disclose such incidents: In other words, similar successful hacks like this may have occurred in the past but simply went unreported.  We'll discuss the evidence for that in a moment. First, let's look at the possibilities raised by the VeriSign attack. 

  

VeriSign is involved in two distinct, fundamental Internet security structures that could be impacted by this attack.  A successful attack on one would be serious, but a raid on the other could threaten the Internet itself. So let's start there. 

VeriSign's most critical function is its role in the Domain Name System address book, which governs what happens when Web users type common name Web addresses into their browsers. There are 13 "root" DNS servers placed strategically around the planet for redundancy. VeriSign operates two of them. Should a hacker gain access to this part of VeriSign's business, he or she could theoretically poison the other 11 root DNS servers, and the bad data would eventually spread to the other DNS servers. The consequences could be dire: It could mean that everyone who typed "msnbc.com" into a Web browser would be sent to a computer controlled by criminals, instead of the real msnbc.com website. A computer criminal with destructive intentions could theoretically ruin the database that maps names with IP addresses and effectively shut down parts of the Internet. It has long been discussed that these root name servers are perhaps the most vulnerable point of the attack on the Internet.

But it's more likely that the agencies controlling the other 11 root Domain Name Servers would be able to regain control of the DNS table and restore the system within a day or two, if not within hours. As you might imagine, root DNS servers do disagree from time to time and there is a process for handling that. 

It's also important to note that VeriSign, in the SEC disclosure which started this incident, claims that its DNS servers were not attacked by hackers. 

"Access was gained to information on a small portion of our computers and servers. We have investigated and do not believe these attacks breached the servers that support our Domain Name System ("DNS") network," the firm wrote in the filing. 

VeriSign's other crucial function is issuing digital certificates through its VeriSign Authentication Services group. Certificates impact your computer use every day because they tell your PC that a company's website or software is really what it says it is. Certificates are a crucial part of the SSL system that ultimately displays a friendly looking lock when you visit your online bank. They also identify the legitimacy of software updates sent to your computer by software makers. Many modern PCs won't install software unless it is digitally signed.

A hacker who could influence the way VeriSign issues certificates would be a massive problem for both consumers and corporations. 

"VeriSign is one of the most important enterprise trust authorities in the world, which delivers people safely to more than half the world's websites," wrote Catalin Cosoi, CTO of WhiteHat Security and director of the Online Threats Labs for BitDefender. "A certificate issued by VeriSign will automatically be accepted by both browsers and operating systems. This kind of incident practically voids all the security provided by 64-bit operating systems."

In other words, hackers would have an easy time loading viruses onto PCs around the world. 

That's terrible, but it's not new. Virus writers have been compromising certificate issuers with abandon for the past 18 months. It's one of the reasons that the Stuxnet computer virus managed to infect millions of PCs worldwide. That also means structures are in place to deal with fraudulent certificates.

"The worst case scenario would be several phishing attacks with valid certificates that browsers will render as legit," Cosoi said. "This would potentially yield a huge level of data that could be exploited for financial gain. However, it’s important to remember that a strong anti-phishing solution will keep you protected." 