Security firm Symantec was forced to fire 3 employees after Google engineers discovered fake SSL certificates issued to name of the company and was being used by fraudsters.
SSL certificates are one technology, μέσω της οποίας τα προγράμματα περιήγησης και οι πάροχοι υπηρεσιών Web μπορούν να δημιουργήσουν ασφαλείς συνδέσεις και εξουσιοδοτημένα κανάλια επικοινωνίας.
They are used billions of times each day and have become a common practice for securing communications between users and banks, online stores, social networks, and any website that wants to protect its users and their private data from hackers and uninvited government services .
Those authorities are responsible for issuing the certificates or Certificate Authority (CA). There are many CAs around the world, and all are recognized by trusted manufacturers. They only issue certificates to trusted customers.
One of these is CA and Symantec, a cyber security company known mainly by Norton antivirus.
This Friday, September 18, Google technicians working on the Certificate Transparency, a service that checks for false SSL certificates on the Internet, discovered several counterfeit Google.com SSL certificates issued by Symantec. These dangerous certificates were also observed by DigiCert technicians.
What's worse, of course, is that these certificates were issued with an “Extended Validation” label, meaning that Symantec had allegedly performed additional controls. This information has not been officially confirmed by Google or Symantec in their press releases.
Google has already moved on black list the said certificates. Since the information was leaked, Google and Symantec do not believe it could be used in real attacks.
If hackers had more time, using these fake SSL certificates could do MITM (man-in-the-middle) attacks to intercept secure communications.
Please note that 2011 had happened since the Dutch company CA DigiNotar was violated and hackers were able to issue hundreds of fake certificates. Some of these SSL certificates (also issued in the name of Google) were used by the Iranian government to spy on political dissidents.