This report assesses the impact of the Comodo certificate fraud hack on a particular organization. The organization chosen for the assessment is a medium-sized business, Dotti, which conducts its commercial transactions electronically and employs approximately 100 people. The security risks that the certificate hack poses to the organization are assessed conclusively, and a well justified, feasible and cost-effective solution is proposed to maintain the integrity of its network security.
Dotti is an online fashion retailer that conducts its commercial transactions over the internet. The medium-sized organization was founded more than a decade ago, and following its recent acquisition by The Just Group it has expanded extensively throughout New Zealand and Australia. The company launched its online store in 2012 and plans to conquer the Australian fashion industry within a span of 10 years (Dotti Online Shop 2018). It sells a range of fashion items such as dresses, tops, jackets, bottoms, shoes and other accessories.
Every company, including Dotti, has to use a digital certificate to identify who is initiating a transaction and to bind that identity to a public key. The certificate is associated with the company's web service (here Dotti's). The certificate is recognized by a Certification Authority (CA), which is an amalgamation of trusted parties. Such certificates are normally used for public key cryptography. Whenever a customer requests a transaction from the company, the CA produces a digital certificate after verifying the applicant's certificate. Registration verification of the customers' certificates can be done by anyone, because the CA maintains the digital certificates in a public register (Comodo certificate hack 2018). Every certificate associated with Dotti is valid only for a limited period.
When news broke that the Certification Authority Comodo had been duped by an Iranian hacker, it caused major concern in the IT community. The community even urged prominent companies such as Mozilla and Microsoft to remove Comodo as a trusted root authority (Comodo hack may reshape browser security 2018). According to the Iranian hacker's own statement, a site with a hard-coded login name and password was compromised first, and certificates were then generated for prominent websites such as Yahoo, Skype, Live.com and Google to target the attack (LOO 2017). In this way the public key infrastructure (PKI) and the integrity of the company's digital certification were compromised, which can put the company at serious risk if proper steps are not taken.
Since the hack in 2011, major companies have been attacked without prior notification, with serious repercussions. Dotti's registration server can be compromised through the certification hack. The partners currently working with the company can also be compromised, and their passwords and login details stolen through the exploit. The exploit can be used to issue further digital certificates, and can be used in several countries if it is not discovered immediately, causing huge financial and reputational damage to the company (Independent Iranian Hacker Claims Responsibility 2018). Because a website's legitimacy is validated through its SSL certificate, the certificate assures users that they have connected to the genuine site. The hack could therefore redirect the company's user traffic to a fake site and cause irreparable damage to its reputation. Moreover, Dotti could face several lawsuits for failing to discover the vulnerability and revoke the affected certificates as soon as possible. The basic security of the site would be compromised, and users would refuse to perform online transactions on Dotti's website, which would affect its profit margin as well. Hackers would be able to intercept the sensitive data exchanged between the site and the browser, which is normally encrypted (Comodo hacker 2018).
Moreover, the generation of fraudulent certificates can allow hackers to plant attack tools in the server itself, to be used to compromise it later. Even after the issuing of certificates has been stopped, the hackers will still be able to compromise the system from the inside. The CA infrastructure can be compromised and valuable user information such as transaction credentials can be stolen, which puts Dotti at serious risk considering that it has yet to become a large-scale corporation able to compete effectively with its retail competitors in Australia. Hackers can also plant a DDoS tool on the server, which can remain dormant for around 4 years if left undiscovered (How Cybercrime Exploits Digital Certificates 2018). Data breaches will become common for the company, resulting in the loss of its customers. The hackers will also be able to carry out other illicit activities such as malware diffusion, sabotage and cyber espionage.
Hackers can use the Comodo certificate hack as a way into the PKI environment. They can use it to improve the diffusion of malware on Dotti's server. Since Comodo is regarded as a trusted entity, attackers can easily manipulate a company's website to sign malicious code, reducing the chances of malware detection (Solo Iranian hacker takes credit for Comodo certificate 2018). Attackers can also remotely install a Trojan on the company's server, disrupting every transaction that takes place in the company's database. They can compromise the company's build server by signing the malware with other digital certificates, such as Adobe's, alongside Comodo's to increase the chances of the code passing validation. They will also be able to install an infected ISAPI filter, a password dumper and a variety of other malicious code, and to create new Trojans with the stolen digital signature and refine them to evade detection.
Dotti, as an online fashion retailer, has to process a number of digital signatures to check which institution issued, and which person signed, each certificate. The Comodo certificate hack can result in loss of identity for customers, with serious implications. The certificate hack could lead to the theft of other digital certificates and valuable information with the help of malicious agents (Parkinson 2014). The associated malicious certificate can fool users into thinking that a site is genuinely Dotti's when it is not, and is merely a medium for phishing passwords and login IDs.
The proposed solution for Dotti is to appoint a security researcher who will have access to the SSL Blacklist, a collection of digital certificates, such as Comodo-issued ones, that are used for malicious purposes (Zhu, Amann and Heidemann 2016). This list was created by a Swiss organization named abuse.ch and has been part of major investigations into botnets and Trojans. To conduct online commercial transactions securely, checking the SSL Blacklist from time to time is a well justified and cost-effective solution. Dotti can also create a map of SHA1 fingerprints linked to botnet and malware activity. The blacklist will also enable the company to detect C&C traffic such as that of Shylock and VMZeuS (Specter 2016). Dotti needs to keep track of the latest digital certificate abuse news in order to stay informed about internet surveillance and malware distribution. The list will allow Dotti to prevent cyber-attacks and keep its online transactions secure in the future. The security expert, if appointed by the company, will be able to deal with future botnet and malware operations reliably once the database of affected certificates, such as Comodo's, matures (Tschofenig and Gondrom 2013).
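As an added illustration of the check described above (not part of the original report, and not abuse.ch's own tooling), the following Python parses a constructed sample in the CSV layout of the abuse.ch SSL Blacklist and looks up the SHA1 fingerprint of a DER-encoded certificate. The certificate bytes and the listing are constructed for the example; in practice the DER would come from the certificate a server presents.

```python
import base64
import hashlib
import ssl

def sha1_fingerprint(der: bytes) -> str:
    """SHA1 of the DER-encoded certificate, lowercase hex: the key SSLBL lists."""
    return hashlib.sha1(der).hexdigest()

def pem_to_der(pem: str) -> bytes:
    """PEM (e.g. from ssl.get_server_certificate) to DER before hashing."""
    return ssl.PEM_cert_to_DER_cert(pem)

def load_sslbl(csv_text: str) -> dict:
    """Parse the SSLBL CSV feed (# comment lines; Listingdate,SHA1,Listingreason)
    into {sha1_lowercase: (listing_date, reason)}; malformed rows are skipped."""
    listed = {}
    for line in csv_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(",", 2)
        if len(parts) != 3:
            continue
        listing_date, sha1, reason = (p.strip() for p in parts)
        listed[sha1.lower()] = (listing_date, reason)
    return listed

def check_certificate(der: bytes, blacklist: dict):
    """Return (fingerprint, hit); hit is None when the certificate is not listed."""
    fp = sha1_fingerprint(der)
    return fp, blacklist.get(fp)

# Constructed stand-ins for certificate bodies (not real certificates); only
# their SHA1 matters here, which is all the blacklist keys on.
BAD_CERT_DER = b"\x30\x82\x01\x00constructed C&C certificate"
GOOD_CERT_DER = b"\x30\x82\x01\x00constructed shop certificate"
BAD_CERT_PEM = ("-----BEGIN CERTIFICATE-----\n"
                + base64.b64encode(BAD_CERT_DER).decode() + "\n"
                + "-----END CERTIFICATE-----\n")
# Constructed sample feed in the SSLBL CSV layout; the listing is not real.
SAMPLE_SSLBL_CSV = (
    "# abuse.ch SSLBL - constructed sample, not real data\n"
    "# Listingdate,SHA1,Listingreason\n"
    f"2018-03-01 09:15:00,{sha1_fingerprint(BAD_CERT_DER).upper()},Dridex C&C\n"
    "2018-03-02 12:00:00,this-row-is-malformed\n"
)

if __name__ == "__main__":
    bl = load_sslbl(SAMPLE_SSLBL_CSV)
    for name, der in (("c2", pem_to_der(BAD_CERT_PEM)), ("shop", GOOD_CERT_DER)):
        fp, hit = check_certificate(der, bl)
        print(name, fp, f"LISTED ({hit[1]}, since {hit[0]})" if hit else "not listed")
```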
The company needs to update its software regularly to prevent hackers from gaining a backdoor into the online transaction server. The risks from the Comodo certificate hack can also be reduced by backing up the website data regularly, through both manual and automatic backups. Cross-site scripting (XSS) and SQL injection need to be monitored carefully, using parameterized queries, to check for unusual insertion of code into the company's server (Weaknesses in SSL certification exposed by Comodo security 2018). Strong passwords must be mandatory, and two-factor authentication should be required for every user of the company's website; the second factor can be delivered through SMS, hard tokens or soft tokens (Khan et al. 2018). The company also needs to appoint a proper security team with the ability to treat uploaded files with suspicion and monitor their activity.
Special software such as a web application firewall can be used by the company to filter hacking attempts and provide an extra layer of protection. To protect its customers, Dotti can remove the auto-fill option from its website to prevent hackers from stealing sensitive customer information (Preneel 2015).
Dotti can also create its own register of digital certificates, just as Google does with its Certificate Transparency project, in order to detect SSL certificates wrongfully issued by a CA such as Comodo, as distinct from those issued by a certificate authority whose integrity is unimpeachable.
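As an added example (not part of the original report, and a simplified stand-in for a real Certificate Transparency log rather than Google's code), the Merkle-tree mechanism such a register relies on: entries are appended to a log whose root hash commits to every certificate, and an inclusion proof lets a monitor verify that a given certificate really was logged. Hashing follows RFC 6962 (0x00 leaf and 0x01 node prefixes); the log entries are constructed stand-ins for certificates, not real ones.

```python
import hashlib

# Constructed stand-ins for the DER certificates a CT-style log records (not real).
LOG_ENTRIES = [
    b"constructed cert 1: CN=www.dotti.com.au issuer=CA-A",
    b"constructed cert 2: CN=api.dotti.com.au issuer=CA-B",
    b"constructed cert 3: CN=www.dotti.com.au issuer=CA-C",
    b"constructed cert 4: CN=shop.dotti.com.au issuer=CA-A",
    b"constructed cert 5: CN=www.dotti.com.au issuer=CA-A",
]

def leaf_hash(entry: bytes) -> bytes:  # RFC 6962: 0x00 prefix for leaves
    return hashlib.sha256(b"\x00" + entry).digest()
def node_hash(left: bytes, right: bytes) -> bytes:  # 0x01 prefix for inner nodes
    return hashlib.sha256(b"\x01" + left + right).digest()

def merkle_root(leaves) -> bytes:  # tree hash, RFC 6962 2.1: split at largest 2^k < n
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return leaf_hash(leaves[0])
    k = 1 << ((n - 1).bit_length() - 1)
    return node_hash(merkle_root(leaves[:k]), merkle_root(leaves[k:]))

def inclusion_proof(leaves, m: int) -> list:  # audit path: sibling hashes for leaf m
    n = len(leaves)
    if n <= 1:
        return []
    k = 1 << ((n - 1).bit_length() - 1)
    if m < k:
        return inclusion_proof(leaves[:k], m) + [merkle_root(leaves[k:])]
    return inclusion_proof(leaves[k:], m - k) + [merkle_root(leaves[:k])]

def verify_inclusion(entry, index, tree_size, proof, root) -> bool:
    """Rebuild the root from the entry and its audit path (RFC 6962 / RFC 9162)."""
    if index >= tree_size:
        return False
    fn, sn, r = index, tree_size - 1, leaf_hash(entry)
    for p in proof:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:
            r = node_hash(p, r)
            if not fn & 1:  # last node on its level: skip levels with no sibling
                while fn != 0 and not fn & 1:
                    fn, sn = fn >> 1, sn >> 1
        else:
            r = node_hash(r, p)
        fn, sn = fn >> 1, sn >> 1
    return sn == 0 and r == root
```

A monitor would fetch the root and a proof from the log and call verify_inclusion for each certificate it observes for the company's domains; a certificate that was never logged, or a proof for a different position, fails the check.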
Conclusion
To conclude, Dotti needs to enforce the proposed solution properly and as soon as possible to prevent any future damage to its reputation. This technical report has discussed the cyber security issue conclusively and highlighted the seriousness of the concern with respect to the company. The report discusses the risks the company faces from the Comodo certificate hack and proposes several solutions that can be implemented to reduce the chance of a security threat arising from the problem discussed. The company needs to implement proper public key cryptography and impose several authentication steps to prevent the loss of information during online transactions. As the company has only recently launched its online fashion retail platform, the solutions need to be implemented immediately so that the company can stay ahead of its competitors in customer information security and data integrity.
To prevent the Comodo Certificate hack from affecting its organizational performance and online transactions, Dotti needs to consider the following recommendations:
References
Comodo certificate hack—it gets worse – bravatek.com. [online] Available at: https://bravatek.com/comodo-certificate-hack-it-gets-worse/
Comodo hack may reshape browser security – CNET. [online] Available at: https://www.cnet.com/news/comodo-hack-may-reshape-browser-security/ [Accessed 2018].
Comodo hacker: I hacked DigiNotar too; other CAs breached …. [online] Available at: https://arstechnica.com/information-technology/2011/09/comodo-hacker-i-hacked-diginotar-too-other-cas-breached/ [Accessed 2018].
Dotti Online Shop | Shop the Latest Womens Clothing, Dresses & Fashion. [online] Available at: https://www.dotti.com.au/ [Accessed 2018].
How Cybercrime Exploits Digital Certificates. [online] Available at: https://resources.infosecinstitute.com/cybercrime-exploits-digital-certificates/ [Accessed 2018].
Independent Iranian Hacker Claims Responsibility for …. [online] Available at: https://www.wired.com/2011/03/comodo-hack/ [Accessed 2018].
Khan, S., Zhang, Z., Zhu, L., Li, M., Safi, K., Gul, Q. and Chen, X., 2018. Accountable and Transparent TLS Certificate Management: An Alternate Public-Key Infrastructure with Verifiable Trusted Parties. Security and Communication Networks, 2018.
LOO, W.S., 2017. Digital certificates: success or failure?.
Modi, S.N., 2016. ROLE OF TRUSTMARK IN ECOMMERCE. International Journal for Innovations in Engineering, Management and Technology, 1(1), pp.35-40.
Parkinson, S.F., EMC Corp, 2014. Certificate crosschecking by multiple certificate authorities. U.S. Patent 8,850,208.
Preneel, B., 2015, May. Cryptography and Information Security in the Post-Snowden Era. In [email protected] ICSE (p. 1).
Solo Iranian hacker takes credit for Comodo certificate …. [online] Available at: https://www.computerworld.com/article/2507258/security0/solo-iranian-hacker-takes-credit-for-comodo-certificate-attack.html [Accessed 2018].
Specter, M.A., 2016. The economics of cryptographic trust: understanding certificate authorities (Doctoral dissertation, Massachusetts Institute of Technology).
Tschofenig, H. and Gondrom, T., 2013. Standardizing the Next Generation Public Key Infrastructure. In Proc. of the Workshop on Improving Trust in the Online Market-place.
Weaknesses in SSL certification exposed by Comodo security …. [online] Available at: https://www.infoworld.com/article/2623829/authentication/weaknesses-in-ssl-certification-exposed-by-comodo-security-breach.html [Accessed 2018].
Zhu, L., Amann, J. and Heidemann, J., 2016, March. Measuring the latency and pervasiveness of TLS certificate revocation. In International Conference on Passive and Active Network Measurement (pp. 16-29). Springer, Cham.