Cyber experts have warned businesses of the growing threat of hacked and hijacked digital certificates.
US firm Cyemptive Technologies, a provider of preemptive cybersecurity products and technology has warned of continuing dangers to businesses and government entities from hacked and hijacked digital certificates.
The firm said: “Digital certificates are hacked and harvested on an average of every 10 minutes or less,” said Rob Pike, founder and CEO of Cyemptive. “In the past, companies have focused on issuing patches; however, less than one percent of the market has actually replaced their digital certificates and keys. The result is that most organisations are still vulnerable to cyber hacks and hijacking through their digital certificates.”
According to industry research, hacking or hijacking of digital certificates has been a growing cybersecurity threat for enterprises of all sizes especially in the past year. Digital certificates are an important part of the security mix for businesses and government entities, offering an extra layer of security by providing electronic “passwords” that allow people and organisations to securely exchange data over the Internet. Computers whose digital certificates are compromised, open themselves to malware attacks that can gain full access to the computer, stealing any information it finds.
“Even if companies have taken measures to update their libraries, it is important for them to replace their digital keys and certificates as well,” said Mr Pike. “Although the library may be patched, the digital certificate has already been exposed in clear text and extracted over the past year, especially from the top businesses today. The market needs to quickly regenerate new keys, certificates and make sure the patches are applied.“