Digital Signatures: The hidden vulnerabilities in the new normal

Dan May, Commercial Director at ramsac, takes a fresh look at how digital signatures work, their security value and their relationship to encryption, along with best practice advice on how to ensure that they are deployed securely in your company.

When we started working from home in March 2020, businesses had to adapt to the new way of working across the UK, which included signing contracts, business documents, and more.

Much like the Zoom database leak of April 2020, hackers have found ways to bypass security and gain access to confidential documents through a variety of methods in digital signature documents.

How does digital signing work?

Digital signature companies, such as DocuSign and Adobe Sign, use Public Key Infrastructure (PKI). PKI uses a public and private key to ensure that the signature provided is authentic. To verify the authenticity, PKI requires key matches between the signer and the signee.

Numerous laws are surrounding digital signatures and their legality and have been since 1999. Regulations such as the Electronic Identification and Trust Services (eIDAS) regulation, was recently adopted in the European Union. Because of the nature of documents involved in digital signing, many legislation protects who can create digital signature companies and how they must work.

Methods of hacking

There are three main ways to hack a PDF. Hide, replace and hide and replace. Together they form the shadow attacks group, and research publicly identified them in July 2020. All three attacks manipulate the PDF between the creator and the signer, so both see a document that is correct.

Hide attack

A hide attack involves concealing the malicious content behind other non-malicious content. This could be an image or box. Once the victim has signed the document and sent it back to the attacker, the attacker reveals the hidden content and can access the information.

Replace attack

A replacement attack can occur by changing or replacing certain minor aspects of a legitimate form. This could be changing fonts to lookalike ones but importing malicious code.

“For instance, the (re)definition of fonts does not change the content directly. However, it influences the view of the displayed content and makes number or character swapping possible,” the researchers explained.

This can be incredibly deceptive as it will look exactly as it should, and for important forms, can steal essential information such as a mortgage application. 

Hide and replace attack

This is considered the most advanced shadow attack as it enables hackers to replace the entire contents of a PDF. The signee sees a correct document and signs. Still, by hiding malicious content behind legitimate content and replacing elements with less than legitimate code, the hacker has multiple ways to access the document.  

Because of the nature of the hide and replace, they can go undetected by security scanners.

Prevention is better than cure

One of the weakest links in cybersecurity is the human. Providing your team with cybersecurity training to know the signs of a scam or fraud and how to question emails. Under GDPR, all staff, including directors and board members, of your company must receive some form of cybersecurity training.

As attacks get more sophisticated, regular and updated training and awareness among staff is key. Ensuring all computers are up to date, with the correct security patches is imperative. Research from January 2021 shows that 26 of the 28 main PDF viewers are susceptible to some or all commonly known attacks. Therefore, choosing a document signing system that is considered secure is also key.

As well as the human aspect, having secured passwords is key, rather than sharing them on unsecure messaging services. Apps such as Password Boss or LastPass can help to encrypt and store passwords safely but ensure collaborative working through team member sharing. Requiring password changes every six months, or a similar time frame is best practice to ensure no repeated or outdated passwords.  

READ MORE: 

Public Wi-Fi is a huge security risk, and it is recommended not to connect in any circumstance for work, even when using it with extreme caution and a VPN. A classic scam involves hackers sitting in the corner of places like coffee shops broadcasting a “free” wireless access point, pretending to be the coffee shop. They can then drop files onto your computer or make a copy of all the internet activity you do. 

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...