DigiNotar Security Breach

4.5.1 Incident Response Team

In order to have an effective incident response plan in place, an incident response team is generally established. An incident response team is ‘assembled by representations from different departments, which together help to oversee the handling of an incident and manage in the best possible way’ [16]. One of the certainties in the field of Information Security is the occurrence of a security incident. The severity of a security incident may vary widely, but an organization can be well prepared with a well-formulated response procedure and an effective incident response team. An incident response team is meant to have ‘familiarity with the systems and need to be readily available for better coordination and response’ [17]. A relationship with external security agencies can further help in the early recognition of new potential threats and of strategies to overcome them. It is very important for an Incident Response Team to have support from senior management and sufficient authority to carry out its work of protecting the organization.

An Incident Response Team can be compared to a fire department. It deals with security breaches in the same way as the fire department puts out a fire. As the fire department also provides ‘supplementary services like fire safety education and drills, similarly, an incident response team can also organize training for safety awareness and help with safe program developments’ [18]. This would ultimately help the organization to reduce its response time and make its response more efficient.

A plausible Incident Response Team comprises members with a diverse set of technical and inter-personal skills. It is an essential trait for the member t...

... middle of paper ...

...hrough distributed computing, that is, thousands of infected machines' computing power [10].
4.6.1 Understanding the organized method of the DigiNotar attack

The same hacker who had also attacked Comodo, another company that deals in Secure Sockets Layer (SSL) certificates, claimed responsibility for the attack on DigiNotar. ‘The hacker calls himself “Comodohacker” and is suspected to be of Turkish origin and working in an organized group. Though, as per the interviews given by him, he is a 21-year-old student from Iran, who breached DigiNotar in order to “punish” the Dutch government over the actions in the Bosnian War, Srebrenica in 1995. As a result of the issuing of fraudulent certificates, more than 300,000 IP addresses have been compromised, which might have resulted in interception of users’ online communications. Most of the compromised IP addresses were from

