The websites of the center for issuing electronic signatures of the Foundation Center have come under attack and are now unavailable

On the night of September 11, the infrastructure of the center for issuing electronic signatures of the Osnovaniye UC, which includes JSC Analytical Center and JSC Unified ES Portal, was subject to a cyber attack, as a result of which the company’s websites became unavailable, and the process of issuing ES stopped, writes Kommersant “with reference to the center’s statement. At the moment, the sites uc-osnovanie.ru and iecp.ru are still unavailable.

Image source: TheDigitalArtist/Pixabay

The letter published by the company states that “currently, the issuance of new certificates for electronic signature verification keys has been suspended; together with the National Coordination Center for Computer Incidents subordinate to the FSB, an audit of the incident is being conducted, and work is underway to restore the functionality of the certification center.” The resumption of issuing certificates was scheduled for September 12, but so far no progress has been observed.

The letter noted that Analytical Center JSC does not store electronic signature keys, so an attack on its information resources could not affect or compromise clients’ electronic signatures. “The infrastructure associated with the software and hardware complex of the CA was not damaged, it is impossible to talk about compromising the keys, and those who already have an electronic signature do not need to issue a new certificate,” commercial director of the CA Alexey Senchenkov confirmed to Kommersant.

Reportedly, the attack was carried out using the defacement method (substituting an inscription or picture on the website) – on the organization’s websites (uc-osnovanie.ru and iecp.ru) the inscriptions “Your certificates are in good hands” were posted, as well as an announcement that the certificates will subsequently be sold. According to Senchenkov, the attack was carried out from resources in the USA, the Netherlands and Estonia.

As Alexey Korobchenko, head of the cybersecurity department of the Security Code, noted, organizations such as Osnovanie UC have a layered cybersecurity system, including segmentation of the internal corporate network, multi-factor authentication, etc. This is quite enough to ensure reliable data protection.

At the same time, the head of the network technologies department at Angara Security, Denis Bandaletov, warned about possible problems with CRLs – lists of “revoked certificates”, with the help of which the authenticating resource verifies the legitimacy of the connecting user through an electronic signature. If they are unavailable, it is impossible to authenticate on any resource. “Also, the unavailability of the CRL will cause the inoperability of related resources that checked authentication certificates on these portals,” the expert said.

admin

Share
Published by
admin

Recent Posts

Vivo X200 Ultra flagship smartphone to get removable lenses from Zeiss

Smartphone manufacturers are exploring various, including radical, ways to improve the quality of shooting -…

6 hours ago

“Sorry, but it’s not true”: Insider denies rumors about Titanfall 3 release in 2026

The story about the sci-fi shooter Titanfall 3, which is in development at Respawn Entertainment,…

6 hours ago

Elon Musk’s Massive Layoffs of Officials Hurt Autopilot Implementation in the US

Back in February, it became known that the punishing hand of Elon Musk, in his…

6 hours ago

Amazon’s First Batch of Kuiper Internet Satellites Launch Fails

The launch of a United Launch Alliance Atlas V rocket carrying 27 Amazon Project Kuiper…

6 hours ago

SSD with a ‘tail’: Kioxia unveils ‘optical’ SSDs for next-generation data centers

Kioxia, AIO Core, and Kyocera have announced the development of a PCIe 5.0-compatible optical SSD…

7 hours ago

Microsoft to thin out mid-level managers, non-programmers and ineffective workers

Microsoft is considering another round of layoffs in May, Business Insider has learned. The company's…

7 hours ago