Hackers stole data from VeriSign in 2010

Attackers repeatedly hacked VeriSign's network and stole information in 2010, the company revealed in a quarterly regulatory filing.

 

The Internet infrastructure provider did not disclose what information was stolen or other details of the attacks in its 10-Q report filed in October with the U.S. Securities and Exchange Commission that was reported on by Reuters today.

"In 2010, the Company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers," the company wrote. "Information stored on the compromised corporate systems was exfiltrated."

The company said it did not believe attackers had breached the servers that run the domain name system (DNS) network, a key piece of infrastructure that directs people to the correct site when they type in a Web address. A compromise of the DNS system could allow attackers to redirect Web surfers to malicious sites or to intercept government or important e-mail communications.

The disclosure was in the "Risk factors" section of the filing, under a heading titled: "We experienced security breaches in the corporate network in 2010 which were not sufficiently reported to Management."

VeriSign's information security group was aware of the attacks shortly after they occurred, sometime in 2010, the filing said. Meanwhile, management was not informed until September 2011.

"Given the nature of such attacks, we cannot assure that our remedial actions will be sufficient to thwart future attacks or prevent the future loss of information," the filing said. "In addition, although the Company is unaware of any situation in which possibly exfiltrated information has been used, we are unable to assure that such information was not or could not be used in the future."

It's unclear if the breach affected a previous VeriSign business selling Secure Sockets Layer (SSL) certificates to Web sites that are used to indicate encrypted connections. Symantec bought VeriSign's certificate business in summer 2010. Symantec spokeswoman Nicole Kenyon told Reuters that "there is no indication that the 2010 corporate network security breach mentioned by VeriSign Inc was related to the acquired SSL product production systems."

Asked for comment, VeriSign provided CNET this statement: "We cannot provide any further information than what is included in the 10-Q document Verisign filed on October 28, 2011."

Reuters discovered the VeriSign disclosure during an examination of more than 2,000 corporate documents that were filed since the SEC published new guidelines for reporting security breaches.

The disclosure is reminiscent of a public announcement RSA made last year of a "sophisticated" targeted cyberattack that led to data theft that put millions of customers of its SecurID authentication tokens at risk. There also were breaches at other certificate authorities, including GlobalSign, DigiNotar, and Comodo reported last year. And in 2010, Google went public with news that it had been the victim of a targeted attack, likely from China.

Posted by Elinor Mills, "http://news.cnet.com/8301-27080_3-57370588-245/hackers-stole-data-from-verisign-in-2010/?tag=mncol"