Share this story
Close X
Switch to Desktop Site

Iranian government may be behind hack of Dutch security firm

(Read article summary)

Peter Dejong/AP

(Read caption) Exterior view of the building housing Internet security firm DigiNotar in Beverwijk, north-western Netherlands, Tuesday Sept. 6. Dutch prosecutors say they are investigating DigiNotar for possible criminal negligence after it was slow to disclose a hacking incident that compromised dozens of websites and likely helped the Iranian government spy on dissidents for a month.

About these ads

• A daily summary of global reports on security issues.

A hacker's breach of a Dutch online security firm may have allowed the Iranian government to monitor hundreds of thousands of its citizens' e-mail accounts.

According to a statement from the Dutch government on Monday, a hacker broke into Dutch company DigiNotar, which provides security certificates to authenticate websites as safe for Internet users. The hacker then created hundreds of fraudulent certificates for Google, Yahoo, Facebook, and other major communication sites, as well as for the websites of the CIA, MI6, and Mossad.

With the fake certificates, the hacker could eavesdrop on Internet users' communications with these sites by rerouting their traffic through falsely authorized network paths while appearing to be secure.

According to an audit performed for the government by Dutch company Fox-IT, the fake Google certificate was used 300,000 times between Aug. 4 and Aug. 29, almost all of that usage coming from Iran. Al Jazeera writes that technology experts say the evidence suggests that the hackers were working with the Iranian government.


Page 1 of 4

Follow Stories Like This
Get the Monitor stories you care about delivered to your inbox.