Tuesday 6 September 2011

Iranians hit in email hack attack


More than 300,000 Iranians may have had their Google email monitored using security certificates stolen from Dutch firm DigiNotar.
DigiNotar provided a report on the breach that let attackers generate many fake certificates. The report suggests the certificates were used in Iran to eavesdrop on email accounts.
The list has been sent to Google so it can tell victims they may have come under government scrutiny.
On 30 August, security firm Fox-IT was called in to analyse the sequence of events at DigiNotar that led to the security breach. They will publish an interim report late on 5 September.
DigiNotar is one of many firms which help to ensure that no-one is eavesdropping on secure communications between users and the sites they visit.
It does this via security certificates which act as a guarantee of identity so people can be sure they are connecting to the site they think they are.
Anyone armed with a rogue certificate for a web firm or service can impersonate that organisation and get at communications that would otherwise be impossible to read because they are encrypted.
The first exploration by the hackers took place on 6 June, suggests the report, and the first rogue certificates were issued on 10 July.
"The network has been severely breached," said the report. It said security procedures at DigiNotar were clearly lacking because the tools the hackers used and installed on network computers can be detected by standard anti-virus software.
All evidence gathered by Fox-IT suggests that the attacks were carried out to help surveillance of Iranian net users. More than 99% of the 300,000 IP addresses known to have connected to Google's email service with the help of a fake security certificate are in Iran.
Fox-IT noted that the use of the fake certificates would also have given attackers access to small text files known as cookies that Google and many others use to recognise regular visitors.
As a result, Fox-IT said: "It would be wise for all users in Iran to at least logout and login but even better change passwords."
