• Why Jihad Watch?
  • About Robert Spencer and Staff Writers
  • FAQ
  • Books
  • Muhammad
  • Islam 101
  • Privacy

Jihad Watch

Exposing the role that Islamic jihad theology and ideology play in the modern global conflicts

Iran may have used fake web security certificates from major hacking attack to spy on its citizens

Sep 7, 2011 12:15 am By Marisol Seibold

“Among the domains listed [for fake certificates] are Google, Facebook, Twitter and Skype.”

Twitter and Facebook have been key organizing tools for protests, including the current bane of the regime’s existence, water fights. An update on this story. “Fake DigiNotar web certificate risk to Iranians,” from BBC News, September 6:

Fresh evidence has emerged that stolen web security certificates may have been used to spy on people in Iran.

Analysis by Trend Micro suggests a spike in the number of compromised DigiNotar certificates being issued to the Islamic Republic.

It is believed the digital IDs were being used to trick computers into thinking they were directly accessing sites such as Google.

In reality, someone else may have been monitoring the communications.

Hundreds of bogus certificates are thought to have been generated following a hack on Netherlands-based DigiNotar.

The company is owned by US firm Vasco Data Security. […]

Unconfirmed information published online suggested that more than 500 false DigiNotar certificates exist.

Among the domains listed are Google, Facebook, Twitter and Skype.

At the same time, it was noticed that a sizeable portion of the Dutch company’s certificates were mysteriously going to users in Iran.

By August, 76.5% of DigiNotar validations were in the Netherlands. 18.7% were in Iran and 4.8% elsewhere in the world, according to security firm Trend Micro.

Iranian activity dropped off after the certificates were revoked.

DigiNotar eventually went public about the intrusion on 30 August, at which time most web browsers stopped recognising DigiNotar certificates altogether.

Soft target

There are many reasons why Iran may have been targeted using the bogus certificates, according to security experts.

The republic’s tight controls on dissent mean that monitoring web traffic could yield useful information.

Iran’s internet setup also makes some types of interception easier, according to Rik Ferguson, Trend Micro’s director of security research and communications.

“All the internet traffic has to go through an Iranian government proxy before it goes out to the final destination.

“If you want to spy on normal HTTP traffic, that is not a problem – you get to see all the outbound requests and all the inbound responses,” he explained.

For secure websites, attempts to intercept would ring alarm bells with the web browser and therefore the user.

One option is to make the Iranian national proxy server look like it is the target website – using a fake DigiNotar certificate.

The proxy then relays information to and from the real website, e.g. Google.com, but there is no indication that the secure chain has been broken.

Government involvement?

While much online debate has centred around the role of the Iranian authorities, there is no firm evidence to support such a theory.

However, a spokesman for the Dutch Interior Ministry, Vincent van Steen told the Netherland’s-based ANP news agency that the cabinet was looking into claims of Iranian government involvement….

The prior report posted here noted that the nature and magnitude of the attack would require access to infrastructure that small-time vandals and crooks would not have.

Share this:

  • Click to share on Facebook (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)
  • Click to print (Opens in new window)
  • Click to email this to a friend (Opens in new window)
  • More
  • Click to share on Skype (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Telegram (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to share on Pocket (Opens in new window)
  • Click to share on Pinterest (Opens in new window)

Follow me on Facebook

Filed Under: Iran, Netherlands


Learn more about RevenueStripe...

FacebookYoutubeTwitterLog in

Subscribe to the Jihad Watch Daily Digest

You will receive a daily mailing containing links to the stories posted at Jihad Watch in the last 24 hours.
Enter your email address to subscribe.

Please wait...

Thank you for signing up!
If you are forwarding to a friend, please remove the unsubscribe buttons first, as they my accidentally click it.

Subscribe to all Jihad Watch posts

You will receive immediate notification.
Enter your email address to subscribe.
Note: This may be up to 15 emails a day.

Donate to JihadWatch
FrontPage Mag

Search Site

Translate

The Team

Robert Spencer in FrontPageMag
Robert Spencer in PJ Media

Articles at Jihad Watch by
Robert Spencer
Hugh Fitzgerald
Christine Douglass-Williams
Andrew Harrod
Jamie Glazov
Daniel Greenfield

Contact Us

Terror Attacks Since 9/11

Archives

  • 2020
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2019
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2018
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2017
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2016
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2015
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2014
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2013
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2012
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2011
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2010
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2009
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2008
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2007
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2006
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2005
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2004
    • December
    • November
    • October
    • September
    • August
    • July
    • June
    • May
    • April
    • March
    • February
    • January
  • 2003
    • December
    • November
    • October
    • March

All Categories

You Might Like

Learn more about RevenueStripe...

Recent Comments

  • Walter Sieruk on Iranian Kurdistan: Muslim brothers behead their sister in honor killing over her romantic relationship
  • J. Morgan on Iranian Kurdistan: Muslim brothers behead their sister in honor killing over her romantic relationship
  • ELI on Uighur leader: ‘We’re actually quite worried’ about what Biden might let China get away with
  • revereridesagain on Erdogan: ‘Turks must defend the rights of Jerusalem, even with their lives’ for ‘the honor of the Islamic nation’
  • James Lincoln on Erdogan: ‘Turks must defend the rights of Jerusalem, even with their lives’ for ‘the honor of the Islamic nation’

Popular Categories

dhimmitude Sharia Jihad in the U.S ISIS / Islamic State / ISIL Iran Free Speech

Robert Spencer FaceBook Page

Robert Spencer Twitter

Robert Spencer twitter

Robert Spencer YouTube Channel

Books by Robert Spencer

Jihad Watch® is a registered trademark of Robert Spencer in the United States and/or other countries - Site Developed and Managed by Free Speech Defense

Content copyright Jihad Watch, Jihad Watch claims no credit for any images posted on this site unless otherwise noted. Images on this blog are copyright to their respective owners. If there is an image appearing on this blog that belongs to you and you do not wish for it appear on this site, please E-mail with a link to said image and it will be promptly removed.

Our mailing address is: David Horowitz Freedom Center, P.O. Box 55089, Sherman Oaks, CA 91499-1964

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.