Dutch launch Iran IT hacking probe

Sep 06, 2011
An Iranian surfs the internet at a cafe in central Tehran. The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

"The secret service has opened an investigation," its spokesman Vincent van Steen told AFP, adding "it is specifically to find out who hacked the certificates."

The ministry said Monday that Internet security specialist company Fox-IT released a report noting that hackers in July falsified 531 Internet security certificates, also known as SSLs, through Dutch company DigiNotar.

The hackers tried to intercept private communications in Iran, Fox-IT said.

are used to verify to visitors that a particular website is authentic and are issued by DigiNotar and other firms known as Certification Authorities. Internet users whose browsers are fooled by a false certificate could unwittingly reveal their activity to another party in what is known as a "man-in-the-middle attack."

According to Fox-IT, a number of the DigiNotar's servers were hacked and false certificates issued to websites not only that of Skype, , and , but also websites belonging to spy agencies the and and Israel's Mossad.

"It wouldn't surprise me in the end if it turns out that the Iranian government is behind it and is trying to get information it normally couldn't have, such as that from dissidents," Hans van de Looy, an expert at computer security specialist Madison Gurkha, told AFP.

Fox-IT said 99 percent of users targeted by cyber attacks were in Iran.

Explore further: Study: Social media users shy away from opinions

add to favorites email to friend print save as pdf

Related Stories

Experts suspect Iran involvement in Dutch hacking

Sep 05, 2011

(AP) -- Hackers who broke into a Dutch web security firm have issued hundreds of bogus security certificates for spy agency websites including the CIA as well as for Internet giants like Google, Microsoft and Twitter, the ...

Experts uncover weakness in Internet security

Dec 30, 2008

Independent security researchers in California and researchers at the Centrum Wiskunde & Informatica (CWI) in the Netherlands, EPFL in Switzerland, and Eindhoven University of Technology (TU/e) in the Netherlands have found ...

Recommended for you

Study: Social media users shy away from opinions

Aug 26, 2014

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

Philippines makes arrests in online extortion ring

Aug 22, 2014

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

User comments : 4

Adjust slider to filter visible comments by rank

Display comments: newest first

Vendicar_Decarian
3 / 5 (2) Sep 06, 2011
Given that the certificates were primarily being issued to Iran, we know the attacker was either the Israeli or American government.
Corban
not rated yet Sep 06, 2011
More specifically, to Iranians. That makes the Iranian gov't the more likely culprit, as this would allow them to eavesdrop on social network communications.
ricarguy
not rated yet Sep 07, 2011
Mr. Vendicar,
"...we know the attacker was either the Israeli or American government." is a pretty strong accusation given the evidence presented, and given the more likely scenario. Cynicism may have clouded your judgment in this case.

It is good at times to try to be humble enough to take a step back and think about beliefs, assumptions and attitudes that can form the blinders that we all are susceptible to and easily lead people astray.
frajo
not rated yet Sep 09, 2011
Historical experience shows that nearly all information distributed by western mainstream media about countries regarded as enemies of the west is simply untrue, misleading, or erroneous.
The common westerner really believes only inhabitants of non-western countries are lied at by their governments.

Are the informations in this article testable by the layperson? Nope. Are they falsifiable? Nope. Will the persons lying at us be punished? Never.