Attackers who hacked into a Dutch web security firm issued hundreds of fraudulent security certificates for intelligence agency websites, including the CIA, as well as for Internet giants like Google, Microsoft, and Twitter, the Dutch government said recently.Rico says his friend Rob may be Dutch, but he swears he had nothing to do with this...
Experts say they suspect the hacker or hackers operated with the cooperation of the Iranian government, perhaps in attempts to spy on dissidents.
The latest versions of browsers, including Microsoft’s Internet Explorer, Google’s Chrome, and Mozilla’s Firefox are now rejecting certificates issued by the firm that was hacked, DigiNotar.
But, in a recent statement, the Dutch Justice Ministry published a list of the fraudulent certificates that greatly expands the scope of the July hacking attack that DigiNotar acknowledged only last week. The list also includes certificates that were sent to sites operated by Yahoo, Facebook, Microsoft, Skype, AOL, the Tor Project, WordPress, and by intelligence agencies like Israel’s Mossad and Britain’s MI6.
DigiNotar is one of many companies that sell the security certificates widely used to authenticate websites and guarantee that communications between a user’s browser and a site are secure.
In theory, a fraudulent certificate can be used to trick a user into visiting a fake version of a website, or used to monitor communications with the real sites without users noticing. But, in order to pass off a fake certificate, a hacker must be able to steer his target’s Internet traffic through a server that he controls. That is something only an Internet service provider, or a government that commands one, can easily do.
Technology experts cite a number of reasons to believe the attack is connected to Iran. Notably, several of the certificates contain nationalist slogans in Farsi, the language spoken by most Iranians.
“This, in combination with messages the hacker left behind on DigiNotar’s website, definitely suggests that Iran was involved,” said Ot van Daalen, director of Bits of Freedom, an online civil liberties group.
So far, only a handful of users in Iran is known to have been affected. The attack on DigiNotar closely resembles one in March of the United States security firm Comodo, which was also attributed to an Iranian.
Although no users in the Netherlands are known to have been victimized directly, the breach has caused a major headache for the Dutch government, which relied on DigiNotar to authenticate most of its websites.
In a recent news conference, the Dutch justice minister, Piet Hein Donner, said the safety of websites, including the country’s social security agency, police, and tax authorities, could no longer be guaranteed. He advised users who wanted to be certain of secure communication with the government to use pen and paper.
The Dutch government took over management of DigiNotar, a subsidiary of Vasco Inc., which is based in Chicago, but kept the websites operating as it scrambled to find replacement security providers.
06 September 2011
Them Dutchies...
The AP has a story about hackers in the Netherlands:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment