News

Experts suspect that hackers who broke into a web security firm and issued hundreds of bogus security certificates for spy agency websites and internet giants had ties to the Iranian government.

In a statement on Monday, the Dutch government released findings that greatly expand the scope of a hacking attack on securities firm DigiNotar. External IT experts reviewing DigiNotar's computer systems said the hack may have begun in June, not July as DigiNotar had previously asserted.

The experts said it had affected access not only to Google, but included 531 fake certificates for about 344 domains including sites operated by Yahoo, Facebook, Microsoft, Skype, AOL, Mozilla, TorProject, and WordPress, as well as spy agencies including the CIA, Israel's Mossad and Britain's MI6.

DigiNotar is one of many companies that sell the "SSL" security certificates widely used to authenticate websites and guarantee that communications between a user's browser and a website are secure.

In theory, a fraudulent certificate can be used to trick a user into visiting a fake version of a website, or used to monitor communications with the real sites without users noticing.

But in order to actually pass off a fake certificate, a hacker must be able to steer his target's internet traffic through a server he controls.

That is something that only an internet service provider can easily do - or a government that commands one.

Ties to Iran

Informa... >>>