Four-year-old hack raises SSL alarm

By Andrew Charlesworth

07 Nov 2011


A security breach at the Secure Sockets Layer (SSL) certificate issuing authority of Dutch telco KPN went undetected for four years.

The company's Corporate Markets division announced on Friday that it has stopped issuing SSL certificates because hackers compromised one of its servers in 2007.


Previously issued certificates from KPN Corporate Markets remain in play, although there is an outside chance that they may have been compromised, the company confirmed.

It has replaced its web servers and says it will not issue any further SSL certificates until the break-in has been fully investigated.

The hack only came to light when, alarmed by more recent break-ins at other certificate authorities, KPN ran a thorough check of its servers, where it found previously undiscovered software used in denial-of-service (DoS) attacks.

According to the SSL Observatory at the Electronic Frontier Foundation (EFF), there are over 650 certificate authorities, operating in more than 50 countries.

Browsers accept sites presenting valid certificates (https sites) without question. So by compromising a certificate issuing authority, hackers can issue valid certificates for fraudulent sites that masquerade as genuine ones, such as a bogus online banking site.

By checking certificate revocation records from issuers, EFF's researchers reckon at least four certificate authorities have been compromised in the period from July to October this year.

Certificates are revoked frequently for reasons unconnected with hacking, such as cessation of operation or key loss. But the EFF found 248 cases where the reason for revocation was that the certificate authority had been compromised.

Up to June 2011, only 55 certificates were revoked for this reason. The 193 certificates revoked since then were issued by four certificate authorities.

However, that accounts only for the instances where the issuer gave a reason for the revocation; for the majority of the more than 900,000 revocations, the issuer gave no reason at all.
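The revocation-reason tally the EFF researchers describe, reduced to its mechanics as an added example that is not part of this article or of the EFF's own tooling: a CRL entry states its reason in the CRLReason entry extension (OID 2.5.29.21), and an entry without that extension is the "no reason given" case the article refers to. The sample entries, their serial numbers and their dates are constructed; a real CRL would be parsed and signature-checked with a proper X.509 library rather than this minimal DER walker.

```python
# CRLReason codes from RFC 5280 section 5.3.1 (code 7 is unused).
CRL_REASONS = {0: "unspecified", 1: "keyCompromise", 2: "cACompromise", 3: "affiliationChanged",
               4: "superseded", 5: "cessationOfOperation", 6: "certificateHold",
               8: "removeFromCRL", 9: "privilegeWithdrawn", 10: "aACompromise"}
CRL_REASON_OID = bytes.fromhex("551d15")  # id-ce-cRLReasons, OID 2.5.29.21
def der(tag, body):  # encode one DER TLV (long-form length from 128 bytes up)
    n = len(body)
    nb = b"" if n < 128 else n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, n if n < 128 else 0x80 | len(nb)]) + nb + body
def tlv(buf, pos):  # decode the TLV at buf[pos] -> (tag, value bytes, next pos)
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:  # long-form length, as real CRLs use
        k = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + ln], pos + ln
def revoked_entry(serial, reason=None):  # reason=None omits the CRLReason extension
    body = der(0x02, serial.to_bytes((serial.bit_length() + 8) // 8, "big"))
    body += der(0x17, b"111104120000Z")  # revocationDate as UTCTime (constructed)
    if reason is not None:
        ext = der(0x06, CRL_REASON_OID) + der(0x04, der(0x0A, bytes([reason])))
        body += der(0x30, der(0x30, ext))  # crlEntryExtensions
    return der(0x30, body)
def tally_reasons(revoked_certs):
    # Walk a DER revokedCertificates SEQUENCE and count the stated reasons.
    _, entries, _ = tlv(revoked_certs, 0)
    counts, pos = {}, 0
    while pos < len(entries):
        _, entry, pos = tlv(entries, pos)
        _, _, p = tlv(entry, 0)  # userCertificate (serial number)
        _, _, p = tlv(entry, p)  # revocationDate
        reason = "(no reason given)"
        if p < len(entry):       # optional crlEntryExtensions are present
            _, exts, _ = tlv(entry, p)
            q = 0
            while q < len(exts):
                _, ext, q = tlv(exts, q)
                _, oid, r = tlv(ext, 0)
                tag, val, r = tlv(ext, r)
                if tag == 0x01:  # skip an explicit 'critical' BOOLEAN
                    _, val, r = tlv(ext, r)
                if oid == CRL_REASON_OID:
                    _, code, _ = tlv(val, 0)  # OCTET STRING wraps an ENUMERATED
                    reason = CRL_REASONS.get(code[0], f"unknown({code[0]})")
        counts[reason] = counts.get(reason, 0) + 1
    return counts
# Constructed sample: two CA compromises, one key compromise, one cessation, one with no reason.
SAMPLE_CRL_ENTRIES = der(0x30, b"".join([
    revoked_entry(0x1001, 2), revoked_entry(0x1002, 2), revoked_entry(0x1003, 1),
    revoked_entry(0x1004, 5), revoked_entry(0x1005)]))
```

Running `tally_reasons(SAMPLE_CRL_ENTRIES)` separates the explicit cACompromise entries from the ones that state no reason, which is the distinction the EFF's count relies on.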

Last week, Microsoft and Mozilla revoked trust in certificates issued by Digicert, a Malaysian certificate authority, because 22 Digicert certificates were found to use weak 512-bit keys and contain other technical problems.

The certificates in question were issued to a mix of Malaysian government web sites and internal systems.

"There is no indication that any certificates were issued fraudulently, however weak keys have allowed some of the certificates to be compromised," wrote Jerry Bryant, group manager of response communications in the Trustworthy Computing division at Microsoft.

An attacker could use one of these weak certificates to impersonate the legitimate owners, Mozilla officials said in the firm's security blog. "This could deceive users into trusting web sites or signed software appearing to originate from these owners, but actually containing malicious content or software."

The revocation was implemented in the Firefox 8.0 and 3.6.24 updates.

Criminal activity is not the only source of compromised certificates, opines the EFF's Peter Eckersley.

Governments looking to entrap dissidents or use hacking to secure military or industrial secrets from rivals could also order a domestic certificate authority to produce a malicious certificate for any domain.

"There is circumstantial evidence that this may happen," Eckersley said.

While properly implemented SSL is likely to protect against criminals with limited time and resources, security experts doubt it could withstand attacks from state-funded hackers.
