How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade


The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust online. After covering this industry for years, I’ve seen firsthand how cyber attacks don’t happen in a vacuum. Instead, attacks create a spider web, with some attacks inspiring others in style. Meanwhile, others take vulnerabilities found in a previous attack and take them to a new level.


To me, this one was even more unique because it attacked our trust. So I decided to delve more into this attack. How did an incident like this affect the industry and users going forward?


DigiNotar Took Advantage of Poor Training 


To fully understand the impact, I needed to start by finding out exactly what happened.


DigiNotar, a certificate authority (CA), became vulnerable in the summer of 2011. They didn’t follow basic cybersecurity processes, including patching web servers and following password protocol.


It’s shocking that these issues happened at a company whose job was ensuring other companies were following security protocols. But it can be hard to control the actions of a single staff member or a handful of employees, especially when they’re remote.


So many issues start from a single misstep by an employee. Companies can avoid them with more regular training or better processes. The best tech in the world can’t make up for the lack of a culture of cybersecurity. You’re safer if every person, from th ..
