Now Hackers Forging Secure Websites

Many of us are getting indulged in online shopping these days. Most of us are already online shopaholics, who do all the shopping from grocery to Christmas through online sellers. You get all the options of buying almost everything from the Internet now that include gadgets, toys, books, music, movies, gifts, jewelry, etc.

The delivery mechanism of these online sites is also perfect, which is another major convenience you get. So there is, as such, no major problems associated with online shopping other than cyber security. Thankfully, people nowadays are more concerned than earlier in this regard. Reports say that many people are now realizing the importance of online security. They do pay attention to small details and take all possible measures to keep their systems and browsing safe from online hackers. They change their passwords regularly and keep different passwords for different websites.

People now even know what https is. Many people now look for the https link (https:// in the address bar) first before continuing surfing on a site. It actually means that the site contains a security certificate from a trusted company. Ideally, it should mean that the site is safe, but is it really so?

You would be surprised to know that three of the companies that provide these security certificates have themselves been hacked in past few months. And DigiNotar, which is the latest one to be hacked, filed for bankruptcy last week. So, what does this mean?

Peter Berghammer, senior strategist for Public Communications Worldwide, said, “So, they’re taking that certificate and spoofing another website. So, you think you’re going to secure website ‘xyz’ and the certificate says so. But, it’s actually a malicious website. Sure, they could be harvesting information.” He further said, “I don’t believe in any ultimate security. I think anything can be breached ultimately.”

Well, there is definitely a need of government intervention and overall supervision on this whole story. Berghammer himself supports the idea of having an international group to keep a check on the security companies and possible vulnerabilities anywhere.