Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Comodo Hack Attack: Analysis and Proposed Solutions

Verified

Added on 2023/06/07

AI Summary

This paper analyzes the Comodo hack attack and proposes solutions to enhance security measures. It discusses the impact of the hack on digital transactions and provides recommendations for organizations to prevent such attacks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: COMODO HACK ATTACK
Comodo Hack Attack
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1COMODO HACK ATTACK
Abstract
The comodo hack fraud is one of the major case of doping the digital authorities that
have come up in the last few years. The commode certificate is one of the method that is used
in order to certify or authorise the payment transactions. This is one of the most trusted
organisation that provides this type of the certificates. This paper illustrates the process
through which the comodo hack was done and how this has affected the life of the Ebusiness
and other transaction methods. This paper provides some of the major details about the hack
of the organisation and this have affected the life of the people.
Company Profile – Heritage Travels
 (SME-100)
 Travel Agency
 Services
1. Flight Booking
2. Hotel Booking
3. Travel Packages
4. Taxi and Coach Reservation

2COMODO HACK ATTACK
Table of Contents
Company Profile – Heritage Travels..............................................................................1
Introduction....................................................................................................................3
Description of the IT Security Problem (Comodo Hack)..............................................3
Analysis of Major Security Problems............................................................................5
Proposed Solution..........................................................................................................5
Recommendations..........................................................................................................7
References......................................................................................................................8

3COMODO HACK ATTACK
Introduction
The comodo hack is one of the most dangerous attack that is made in the network
using the SSL security. This paper illustrate how a small margin organisation can deal with
this SSL hack. Further the paper details about what kind of the security measures can be
taken in order to enhance the security of this type of the hacks. Further in the organisational
terms what kind of the steps must be taken in order to enhance the security to avoid such kind
of the attacks are also a part of the paper (Upadhyaya 2015). Other details like how the hack
link of the certificate had spread and what are the major steps that must be taken in order to
enhance this kind of the security is also a part of the paper. What steps must be taken in order
to educate the employees of the organisation is also a part of the paper.
Description of the IT Security Problem (Comodo Hack)
The comodo is one of the organisation that provides the SSL the secured socket layer
certificate to the customers in which helps the users for the purpose of the doing digital
transactions. But there were some of the major concern raised when the hackers form Iran
hacked the system servers in order to issue fake certificates in order to observe the
transactions being made. The hack came into existence when nine different certifies got
issues (Bansal et al. 2015. the certificates were issued for some of the major organisations
like the Microsoft, Google and yahoo. This is one of the major hack that have been made in
the past years which have affected the people of the world. The reason for the hack is yet to
be known. Also one of the other major thing that is to be recognised that with the use of the
fake SSL certificates there have been a cases of hacker steeling the information of the
customers from the organisations.
According to many of the researchers this hack began with a registered user of the
organisation which issued all the other certificates. The hack began when a registered user

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4COMODO HACK ATTACK
when a registered account of the organisation got compromised and this account details was
used to create new accounts for the organisation. And with this there were 7 certificates that
got generated for 7IP addresses of several domains. This helped the hackers to create false
certificates that helped the users to use these certificates for the purpose of misuse of the
attacks.
The SSL or the secured socket layers which are self-signed certificates possess some
of the major risks other than the authorised certified signs. These harms are mainly caused to
the small margin enter prices (Yoon, Shin and Won 2017). The major reason for the creation
of the SSL is to reduce the cost of the authorised signatures. One of the major problem is that
the user logs gets stored in the details of the servers. One of the other major reason behind
this SSL certificates is that the certificates does not stores the credentials of the systems of the
users. This helps the hackers to access the information’s of the system and other details of the
customers of the organisation (Yoo et al. 2017). This can be one of the major issue that can
be used against the organisation in order to use the details of the customers for the process of
hacking the systems. Hence this is always said that a much authorised certificate must be
used in order to enhance the security of the organisation. As entire of the organisations work
depends on the internet hence there is a need of the use of the secured layer socket system
certificates which are authorise by the authorising organisation and are never self-made.
The comodo hack is one of the well-known hack that have took place in the recent
years. There can be lot done in order to mitigate the risk and hence reduce the chances of the
frauds. One of the simple and most efficient thing that must be done is to check for the SSL
certificate before the use of it (Arai 2015). Other than this one of the other major thing that
can be done is using authorized and well signed SSL certificates for the process of any
transactions. Other than this one of the other major thing that can be done in order to reduce
the chances of any error is set up checking parameters before the specific transaction is done.

5COMODO HACK ATTACK
Analysis of Major Security Problems
In this organisation where there are limited number of the people working for the
organisation there can be huge effect of the comodo attack as it can affect every working
transaction of the organisation (Howe 2015). As stated earlier the comodo attack generated a
number of false certificates that can be used for the purpose of stealing the data of the
organisation and the information of client transactions hence there can be a huge effect in the
working of the organisation (Das and Govardhan 2015). Due to the small nature of the
organisation there are no special security measures that are taken for the purpose of the
enhancing the security and hence reduces the risk of the task; Also due to the poor network
management there are also certain cases where it is observed that the comodo certificate have
been registered to be a authenticated one.
Due to this vulnerability of the network when a user tries to do a transaction with the
authentication of the SSL certificate then there are chances that the hackers stores the user
information like the card number, account numbers and other personal and banking details for
the purpose of exploiting the user. Hence it can be said that comodo certificate is one of the
major area that is needed to be focussed in the paper (Alnatheer 2014). Siting this
vulnerability of the hack many of the major organisation like the Google and the Microsoft
blocked the use of the certificate from the tie the hack was first discovered.
Proposed Solution
The comodo certificate is a form of a digital certificate that uses the process of
encryption in order to make the network transactions safe for users (Yin 2017). The digital
signatures can be explained as the form of the signatures that are made in the digital platform
for the process of safekeeping of data. This digital signatures generates a form of a hash value
and which hacks in the process of keeping the data safe. Further this hash keys are guaranteed

6COMODO HACK ATTACK
sung the process of the public key generation (Karagiannis et al. 2015). The public keys are
generated in such a way that there one part of the key is send to through the public networks
while the other part are send using the private networks and hence it becomes difficult for one
single user to access these information. In order to decrypt the information there is need to
merge up these two keys and once the keys are places’ in the correct order then only the file
is decrypted (LOO et al. 2017). While the private key cryptography the key is only known to
the use hence only the user is decrypt the file (Nimbalkar and Desai 2017). The major
problem in this is the fact that if the key is lost then it becomes very much impossible for the
user to open up the file. Once the certificates are signed then can only be opened up by that
same signature and hence reduces the chances of any vulnerability.
The HTTPS connection is one of the other major thing that can help in the process of
keeping the file secured. The HTTPS stands for hypertext transfer protocol which uses the
technique of the secured socket layer for the process of ensuring the security of the browser
(Barnesn et al. 2015). There is only two work of the HTTPS the first is to ensure that the user
is connected to the server it has requested and there is nothing in between these two and the
second is the user is able to read what is sent by the server in the way it have been sent. Once
the server is connoted to the use the server checks for the required certificates for the process
of the connection (Ganeshkumar and Arivazhagan 2014). This is where the use of the original
certificates comes as if there is any false in the certificates then the server rejects the same.
The fake comodo certifies were made in such a way that the servers cheeked them as the
original ones.
Some of the major ways though which this type of the attacks can be restricted are
very simple to be used. One of the major thing that can be used for the process of the securing
the website is there use of the virtual private networks. The virtual private networks can help
a lot in the process of the ensuring proper security to the systems (Möller and Langley 2015).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7COMODO HACK ATTACK
Further there are many of the organisations that helps in the process of the checking of the
SSL certificates can be done. One of the simple and most efficient thing that must be done is
to check for the SSL certificate before the use of it. Other than this one of the other major
thing that can be done is using authorized and well signed SSL certificates for the process of
any transactions. Being a small scale organisation it is always adviced to use the authorised
signature SSL certificate instead of the self-signed Certificates as these can reduce the
chances of the security of the website and the transactions that are made.
One of the other major thing that must be done in order to enhance the security of the
organisation the employees of the organisation must be made to learn about the software so
that they can know about the vulnerability and how the vulnarabity can destroy the security
of the orgasaition (Gupta 2015). The organisation must ensure that all the employees can
learn about the hack so that there are very less chances of this type of the incident
happenings.
Conclusion:
Thus concluding the topic it must be said that the Comodo attack is one of the most secured
and most dangerous hack that have been taken place since the last few days and is needed to
be dealt with utmost security. Also there needs to be a proper steps taken by the organisations
in order to incrsing the security of the servers and hence reduce the chances of any kind of the
errors. Further there is also a need of digital signatures of the certificates in order to reduce
this kind of the attacks. Further with the use of the more network security options like the
VPN that is the virtual private network and encryption this type of the attacks can be reduced.
Recommendations:

8COMODO HACK ATTACK
IT is always recommended for the users to ensure that there needs to be a use of the
secured servers which can check for the original certificates and hence can reduce the
chances of any kind of errors. Further there is also a need of the more secured king of the
SSL protocols so that this kind of the hacks can be reduced and hence the process of the
network transmission made secured. Further the company needs to ensure that all the servers
it uses in the organisation are secured and are encrypted properly so that only valued users
can access the server information. The users of the servers must have secured account so that
unauthorised users cannot enter the servers. The organisation also needs to make sure that the
customer information data base are securely encrypted and unauthorised sources must be
monitored in order to ensure customer safety.

9COMODO HACK ATTACK
References
Alnatheer, M.A., 2014. Secure Socket Layer (SSL) Impact on Web Server
Performance. Journal of Advances in Computer Networks, 2(3), pp.211-217.
Arai, M., 2015. Development and Evaluation of Secure Socket Layer Visualization Tool with
Packet Capturing Function. In MATEC Web of Conferences (Vol. 28, p. 06004). EDP
Sciences.
Bansal, Deepika, Priya Sethi, and Shipra Kataria. "Secure socket layer and its security
analysis." Networking and Communication Engineering 7, no. 6 (2015): 255-259.
Barnes, R., Thomson, M., Pironti, A. and Langley, A., 2015. Deprecating secure sockets
layer version 3.0 (No. RFC 7568).
Das, M.S. and Govardhan, A., 2015, September. QoS web service Security Access Control
case study using HTTP Secured Socket Layer Approach. In Proceedings of the The
International Conference on Engineering & MIS 2015 (p. 59). ACM.
Ganeshkumar, K. and Arivazhagan, D., 2014. Generating a digital signature based on new
cryptographic scheme for user authentication and security. Indian Journal of Science and
Technology, 7(S6), pp.1-5.
Gupta, U., 2015. Survey on security issues in file management in cloud computing
environment. arXiv preprint arXiv:1505.00729.
Howe, J., Pöppelmann, T., O'neill, M., O'sullivan, E. and Güneysu, T., 2015. Practical lattice-
based digital signature schemes. ACM Transactions on Embedded Computing Systems
(TECS), 14(3), p.41.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10COMODO HACK ATTACK
Karagiannis, V., Chatzimisios, P., Vazquez-Gallego, F. and Alonso-Zarate, J., 2015. A
survey on application layer protocols for the internet of things. Transaction on IoT and Cloud
Computing, 3(1), pp.11-17.
LOO, W.S., 2017. Digital certificates: success or failure?.
Möller, B. and Langley, A., 2015. TLS fallback Signaling Cipher Suite Value (SCSV) for
preventing protocol downgrade attacks (No. RFC 7507).
Nimbalkar, A.B. and Desai, C.G., 2017. Digital Signature Schemes Based on Two Hard
Problems. In Detecting and Mitigating Robotic Cyber Security Risks (pp. 98-125). IGI
Global.
Upadhyaya, S., 2015. Secure communication using DNA cryptography with secure socket
layer (SSL) protocol in wireless sensor networks. Procedia Computer Science, 70, pp.808-
813.
Yin, H.L., Fu, Y., Liu, H., Tang, Q.J., Wang, J., You, L.X., Zhang, W.J., Chen, S.J., Wang,
Z., Zhang, Q. and Chen, T.Y., 2017. Experimental quantum digital signature over 102
km. Physical Review A, 95(3), p.032334.
Yoo, Y., Azarderakhsh, R., Jalali, A., Jao, D. and Soukharev, V., 2017, April. A post-
quantum digital signature scheme based on supersingular isogenies. In International
Conference on Financial Cryptography and Data Security (pp. 163-181). Springer, Cham.
Yoon, J., Shin, K. and Won, Y., 2017. Encrypted Network Traffic Analysis Method via
Secure Socket Layer Handshake Control. In Advanced Multimedia and Ubiquitous
Engineering(pp. 61-66). Springer, Singapore.

1 out of 11

+13062052269

info@desklib.com

Comodo Hack Attack: Analysis and Proposed Solutions

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Comodo Certificate Fraud Hack Report 2022

Facebook Cambridge Analytical Case and Asynchronous I/O Activity

Construction Law and Legal Aspects