Dutch Certificate Authority Gemnet Forced Offline by Attack

Dutch certificate authority Gemnet has been forced offline after attackers exploited an unprotected administrative page to take control of the company's website.

KPN, Gemnet's parent company, has been quick to address fears that the attack could put users of its Secure Sockets Layer (SSL) certificates at risk, stating that the certificate signing and key storage systems were not affected by the attack.

The Gemnet incident is the third high-profile attack on Dutch certificate authorities in recent months, with parent company KPN's Corporate Market suffering a server breach back in November and separate company DigiNotar forced into bankruptcy by an attack which allowed false certificates to be generated under its key.

According to local news site Webwereld, the attackers were able to gain access to Gemnet's web server through an unprotected phpMyAdmin control page, which allowed manipulation of the site's SQL database without a password.

"If the information shared with Webwereld by this attacker is true, even the most basic of penetration tests would have discovered major problems with their implementation," Chester Wisniewski, senior security advisor at anti-virus expert Sophos, said of the attack.

"It is critical that organisations who have public-facing internet services regularly audit what services are available, rotate passwords for critical systems and regularly test their web applications for SQL and other vulnerabilities."