Iranian Hackers Attempt to Crack SSL
Secure Sockets Layer (SSL) is the basis for Internet security. SSL certificates are issued to websites as a means of encrypting sensitive data such as credit card information and all manner of private communications. The certificates can be issued by a number of companies, and are intended to provide a way for Internet users to be certain of exactly who is receiving their data and to prevent any of it from being intercepted in transit. Since the concept was adopted by Netscape in 1994, SSL has been the gold standard for nearly all types of encrypted communication, but a new attack may be ready to strike fear into users all over the globe.
Comodo, one of the firms that provide certificates for secure websites, has revealed that it has suffered a breach, believed to have originated in Iran. The hacker fraudulently requested as many as nine certificates, and did in fact receive at least one of them. Armed with any of these certificates, the hacker would be able to impersonate a legitimate website, stealing user data and possibly financial information in the process. The domains affected by the attack included sites belonging to Google, Microsoft’s Live Service, Skype and Mozilla, maker of the popular Firefox Web browser.
So far, Comodo has stated that the circumstantial evidence points to Iran and that, because of other known attacks in the past, the attack was likely to have been state sponsored. The website that was used to test the fraudulent certificates was hosted within the country, but quickly vanished. Due to the nature of this type of theft, Internet users should be prepared to double-check their browser settings and remain aware that even data transmitted over SSL carries risks. Microsoft has issued a security bulletin regarding the issue, including information about how end users can protect themselves.