Some of the files associated with the new W32.Duqu threat were signed with a private key. After intense investigation we concluded that the private key used for signing these Duqu files was stolen from a Symantec customer whose systems appear to have been compromised. The private key was associated with a code signing certificate issued to that customer.
A Stolen Key
We take this very seriously and quickly revoked the customer code signing certificate in question. We have found no evidence of any breach to our systems and our records show that the code signing certificate was issued only after completing our rigorous customer authentication process. Our systems, roots and intermediate CAs were never at risk.
Running the world’s largest commercial cyber-intelligence network, Symantec is constantly monitoring the internet and customer environments in search of threats. Because of Symantec’s greater capacity to detect and analyze malware, the company is most likely to find the earliest signs that a given malware payload exists, and that it could have been signed by a compromised code signing key. As a result of this intelligence Symantec is able to take action very quickly.
Keep Private Keys Private
We have long advocated best practices for safeguarding private keys. We won’t speculate as to how the keys were compromised at the customer site in the Duqu situation; however, we do have some recommendations to customers on how to better protect their private keys:
· Separate Test Signing and Release Signing – It is best practice to set up a parallel code signing infrastructure using test certificates generated by an internal test root certificate authority. This ensures that business-critical private certificates used to sign officially released software aren’t stored on insecure build systems used for routine R&D software development tasks, reducing the likelihood that they will be compromised.
· Cryptographic Hardware Modules – Keys stored in software on general-purpose computers are susceptible to compromise. Therefore it is more secure, and best practice, to store keys in secure, tamper-proof, cryptographic hardware devices.
· Physical Security – There is no security without physical security. If it’s possible for an outsider, or a malicious insider, to gain unnecessary access to code signing keys, then all the cryptographic measures are for naught. Cameras, guards, fingerprint scanners and additional measures are all appropriate to protect critical assets and should be taken seriously.
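The separation described in the first recommendation, as an added Go example that is not Symantec's code or anything from this post: an internal test root and a release root each issue a code-signing certificate, and a release verifier accepts an artifact only if its certificate chains to the release root and its serial is not on a revocation list, which is the control that revoking the customer's certificate relies on. The CA names, serials and sample artifact are constructed, and the keys are generated in memory purely for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)
// issue creates a cert from tmpl signed by parent (nil parent = self-signed); demo keys live in memory, a real release key would not.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	if parent == nil { parent, parentKey = tmpl, key }
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil { panic(err) }
	cert, err := x509.ParseCertificate(der)
	if err != nil { panic(err) }
	return cert, key
}
// NewRoot builds a self-signed CA: call it once for the internal test root and once for the release root.
func NewRoot(cn string) (*x509.Certificate, *ecdsa.PrivateKey) {
	return issue(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}, nil, nil)
}
// NewCodeSigner issues a code-signing leaf certificate from the given root.
func NewCodeSigner(root *x509.Certificate, rootKey *ecdsa.PrivateKey, serial int64, cn string) (*x509.Certificate, *ecdsa.PrivateKey) {
	return issue(&x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}, root, rootKey)
}
// Sign returns an ECDSA-with-SHA256 signature over the artifact bytes.
func Sign(key *ecdsa.PrivateKey, artifact []byte) []byte {
	h := sha256.Sum256(artifact)
	sig, err := ecdsa.SignASN1(rand.Reader, key, h[:])
	if err != nil { panic(err) }
	return sig
}
// VerifyRelease accepts an artifact only if the leaf serial is not revoked, the leaf chains to the release root with the code-signing EKU (a test-root leaf fails here), and the signature matches.
func VerifyRelease(releaseRoot, leaf *x509.Certificate, revoked map[string]bool, artifact, sig []byte) bool {
	if revoked[leaf.SerialNumber.String()] { return false }
	roots := x509.NewCertPool()
	roots.AddCert(releaseRoot)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}
	if _, err := leaf.Verify(opts); err != nil { return false }
	return leaf.CheckSignature(x509.ECDSAWithSHA256, artifact, sig) == nil
}
```

A build artifact signed with the test-root certificate verifies nowhere outside the lab, so a key lifted from a development machine is worthless against release consumers; revoking a release serial closes the door the same way after a compromise like this one.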
A Responsible Certificate Authority
There has been speculation that the W32.Duqu threat could be used to target Certificate Authorities as well as other types of organizations. We have no confirmation that this is true; however, if it were the case, it would be one more reason why Certificate Authorities must invest in and diligently maintain strong security practices, such as:
1. Diligent investment in and upkeep of a secure application and network infrastructure
2. Rigorous and consistent authentication processes
3. Comprehensive auditing and reporting
4. Responsible breach notification and response practices
I believe Symantec has invested in and built the most robust and scalable certificate authentication, issuance, management and hierarchy infrastructure in the industry. We’ll update you if any further issues related to this topic develop.