NIST releases certificate breach guidelines

Hackers have increased their attacks on certificate authorities in recent years, but many of the organizations at risk have failed to do anything about it. To help combat this problem, the National Institute of Standards and Technology (NIST) has released guidelines to help companies and government agencies prepare for and respond to these types of attacks.

NIST recommends that companies keep all of their certificates secure, whether they are held internally or externally. If a breach does occur and a private key is stolen, an emergency plan must already be in place to revoke the affected certificates. Because detection is not always immediate and organizations are often under-prepared, many such incidents are handled poorly.

According to Dark Reading, both private and public sector organizations are guilty of failing to keep detailed accounts of digital certificates, putting themselves at risk.

"Most organizations have not done a good job tracking their certificates and who owns them," Paul Turner, vice president of Venafi, which co-wrote the NIST report, told Dark Reading. "Most organizations are not even close to prepared."
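The inventory Turner describes above, and the revocation plan NIST calls for, come together in the following added example (not code from NIST, Venafi or the article). It builds constructed certificates with Go's standard library, with made-up CA names, hostnames and owning teams, and shows how recording each certificate's issuing CA key identifier lets a response team list exactly what to revoke and reissue, and whom to call, once a particular CA is known to be compromised.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue builds a constructed test certificate; parent == nil means a self-signed root.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now(), NotAfter: time.Now().AddDate(1, 0, 0), IsCA: isCA, BasicConstraintsValid: true,
		SubjectKeyId: []byte(cn)} // constructed key id; real CAs derive it from the public key
	issuer, signKey := tmpl, priv
	if parent != nil {
		issuer, signKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, pub, signKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, priv
}

// Affected maps subject to owner for every inventoried certificate whose AuthorityKeyId matches ca's
// SubjectKeyId: the set to revoke and reissue, and the people to call, after that CA is compromised.
func Affected(inv map[*x509.Certificate]string, ca *x509.Certificate) map[string]string {
	out := map[string]string{}
	for c, owner := range inv {
		if bytes.Equal(c.AuthorityKeyId, ca.SubjectKeyId) {
			out[c.Subject.CommonName] = owner
		}
	}
	return out
}

// DemoInventory is a constructed inventory (two internal CAs, three leaf certs) keyed by owning team.
func DemoInventory() (inv map[*x509.Certificate]string, caA, caB *x509.Certificate) {
	caA, keyA := issue("Corp Issuing CA A", true, nil, nil)
	caB, keyB := issue("Corp Issuing CA B", true, nil, nil)
	www, _ := issue("www.example.test", false, caA, keyA)
	mail, _ := issue("mail.example.test", false, caA, keyA)
	vpn, _ := issue("vpn.example.test", false, caB, keyB)
	return map[*x509.Certificate]string{www: "web team", mail: "messaging team", vpn: "network team"}, caA, caB
}
```

In a real inventory the rows come from certificate stores, load balancers and config management rather than being generated, and revocation of the matched set is then driven from this list.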

One of the most prominent examples of a certificate authority breach was brought to light in June, when it was revealed that the Flame virus was signed with a rogue Microsoft certificate, according to Ars Technica. Because of this, the malware was able to trick administrators and users into trusting it.