Sign In

Communications of the ACM

ACM TechNews

Authenticity of Web Pages ­nder Attack By Hackers


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Internet photo

Credit: Courtesy of zenzimarketing.com

The underlying security of the Internet is under attack, and security professionals have become very concerned about their ability to protect users' most sensitive personal information, such as account logons and credit card numbers.

One recent attack involved three of the more than 650 digital certificate authorities (CAs), which ensure that Web pages are legitimate when displayed on Web browsers. A hacker gained access to digital certificate supplier DigiNotar and began issuing forged certificates for several companies. "The infrastructure baked into the Internet, which is based on trust, is starting to fall apart," says Zscaler's Michael Sutton.

The successful hacks demonstrated that it is possible to impersonate any site on the Web, according to AppSec's Josh Shaul. "No one knows where the next breach will occur," says Venafi CEO Jeff Hudson.

F-Secure's Mikko Hypponen notes that hackers currently are targeting personal data from email services, social networks, credit bureaus, and blogging sites. The hacks put pressure on CAs and browser makers to do more to identify and quickly stop counterfeit certificates and faked Web pages.

"The security of the Web is our collective responsibility," says Mozilla's Johnathan Nightingale.

From USA Today
View Full Article

Abstracts Copyright © 2011 Information Inc. External Link, Bethesda, Maryland, USA 


 

No entries found