
5/16/2018
01:12 PM
Dark Reading

Research Conducted by Comodo CA Reveals That More Than 1 Million Distrusted Website Certificates From Symantec Remain in Use

Certificate Authority Aims to Help Businesses and Consumers Worldwide Increase Security of Professional and Personal Internet Usage and Prevent Potential Loss of Business

ROSELAND, N.J. – May 16, 2018 – Comodo CA Limited, a worldwide leader in digital identity solutions, today revealed research results that identified more than one million websites using digital SSL/TLS certificates issued by Symantec Corp., now owned by DigiCert, Inc., that may be at risk. Using a two-step process, which included scanning the publicly available, Comodo CA-owned Certificate Transparency log monitor and search tool (crt.sh) and further verifying via manual reviews of websites believed to be at risk of decertification, Comodo CA found more than one million website certificates worldwide that may be distrusted and will therefore have to be replaced to avoid disruption to the website, creating significant business continuity and security issues for businesses and their customers. Failure to replace these certificates will result in site breakage in upcoming versions of major browsers, including Google Chrome and Mozilla Firefox.

“To help businesses and website owners worldwide ensure their sites remain trusted, Comodo CA has been carefully reviewing the universe of digital certificates to determine the scale and scope of distrusted certificates that still exist and help those affected to take swift and appropriate action,” said Bill Holtz, CEO, Comodo CA.

“While we were surprised by these findings, we felt it was critical to responsibly provide this information to help educate businesses and restore global trust and confidence in digital certificates, given their importance in areas such as e-commerce, global communication and the operation of IoT networks.”

“These efforts by Comodo CA demonstrate they’ve taken a leadership position in presenting some very real industry challenges,” said Robert Westervelt, Research Director, IDC Data Security Practice. “These findings are both interesting and a bit troubling.  The fact that we are still seeing more than a million distrusted certificates that are operational as of today, constitutes a big risk, particularly because remediation of the distrusted DigiCert certificates is a labor- and time-intensive process.  Also, release dates of major browser enhancements will be here very soon and this dynamic creates a major risk for enterprises globally and they need to be made aware of it. Otherwise, the financial impact could be significant if consumers cannot trust that websites are safe.”

Which Certificates are Affected?

Last year, Google, Inc., its Chrome team and the PKI community developed a plan to reduce and ultimately remove trust in certificates issued by Symantec, which are now owned by DigiCert. Google communicated that as of July 20, 2018, end users will see certificate error messages on websites that have not replaced these certificates. Additionally, Google has said that as of October 23, 2018, certificates issued by Symantec and now owned by DigiCert before December 01, 2017 will be distrusted and no longer considered valid.

Steps to Take Now

For businesses and website operators seeking to keep their websites operational, Comodo CA suggests the following guidelines:

  • Understand the underlying issues that led to Google’s decision to distrust Symantec, GeoTrust, Thawte & RapidSSL certificates; complete details can be found on the Google Security Blog
  • Scan your network to discover all active certificates in your environment
  • Identify those certificates that were issued prior to December 01, 2017 with a Symantec CA root
  • Replace those certificates with a trusted root from a compliant Certificate Authority
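One way to carry out the identification step above, shown as an added example that is not part of the Comodo CA release: it triages an inventory of `openssl x509 -noout -issuer -startdate` output against the brands and the December 01, 2017 cutoff named on this page. The inventory format (a `host=` line per record), the hostnames and the issuer strings are constructed, and matching on issuer name is an assumed heuristic; a certificate's actual trust depends on the root it chains to.

```python
from datetime import datetime, timezone

# Brand names and issuance cutoff as given in the release.
BRANDS = ("symantec", "geotrust", "thawte", "rapidssl")
CUTOFF = datetime(2017, 12, 1, tzinfo=timezone.utc)

# Constructed inventory (assumed format): a host= line, then the two lines
# printed by `openssl x509 -noout -issuer -startdate` for that host's leaf.
SAMPLE = """\
host=shop.example.com
issuer=C = US, O = Symantec Corporation, CN = Symantec Class 3 Secure Server CA - G4
notBefore=Mar  3 00:00:00 2017 GMT

host=new.example.com
issuer=C = US, O = DigiCert Inc, CN = GeoTrust RSA CA 2018
notBefore=Feb 12 00:00:00 2018 GMT

host=api.example.com
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
notBefore=Apr  1 10:00:00 2018 GMT

host=broken.example.com
issuer=C = US, O = thawte, Inc., CN = thawte SSL CA - G2
"""

def parse_records(text):
    """One dict of key -> value per blank-line-separated certificate record."""
    return [dict(line.split("=", 1) for line in block.splitlines() if "=" in line)
            for block in text.strip().split("\n\n")]

def classify(rec):
    """Return 'replace', 'ok', or 'review' (record too incomplete to decide)."""
    issuer = rec.get("issuer", "").lower()
    if not issuer:
        return "review"
    if not any(brand in issuer for brand in BRANDS):
        return "ok"
    try:
        # openssl pads single-digit days with an extra space; normalise first.
        stamp = " ".join(rec["notBefore"].split())
        issued = datetime.strptime(stamp, "%b %d %H:%M:%S %Y GMT")
    except (KeyError, ValueError):
        return "review"
    return "replace" if issued.replace(tzinfo=timezone.utc) < CUTOFF else "ok"

def triage(text):
    """Map each host in the inventory to its triage status."""
    return {rec.get("host", "?"): classify(rec) for rec in parse_records(text)}
```

A brand-named issuer with an issuance date on or after the cutoff is reported as `ok`, and a record missing its date is routed to `review` rather than silently passed.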

 

Comodo CA Research Findings

The Comodo CA testing was completed using a two-step process.  The first step – completed on April 17, 2018 –  revealed that 1.2 million certificates issued by Symantec had not been replaced.  The second step – completed on May 4, 2018 – revealed that more than one million distrusted website certificates were still in use. 

The findings of this testing demonstrate that the unreplaced certificates are a global issue. Of the one million websites still at risk, roughly 25 percent were based in Germany; 15 percent in the United States; 13 percent in the UK; 5 percent in China; 6 percent in Japan with several other countries at 5 percent and below.

Comodo CA released these results to help raise awareness of this issue among businesses, website operators, resellers and consumers worldwide.

 

About Comodo CA

A trusted advisor to enterprises globally for more than two decades, Comodo CA provides digital identity solutions for businesses of all sizes – protecting their employees, customers, intellectual property and overall brand – from damages caused by fraudsters impersonating people and devices.

As the largest commercial certificate authority with over 100 million SSL certificates issued worldwide, Comodo CA has the experience and performance to meet the growing need to secure transactions and help create online trust. For more information, visit ComodoCA.com

 

# # #
