We reported recently on the breach of the security system trusted by millions of people across the globe. At the time the identity of the source wasn't known but the 21 year old hacker, known as ‘Comodohacker' has spoken to the New York Times.
Recently he broke into communications of as many as 300,000 Iranian people. He claims he is working on his own, and he sent emails to the New York Times which read “I’m totally independent. I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I’m not responsible.”
The whole issue has raised a very serious topic of conversation regarding the safety of certificate systems. These are used to verify the identity of a specific website, but as it has been shown, someone with enough skill and resources can break the system.
The NYT says “Hundreds of companies and government authorities around the world, including in the United States and China, have the power to issue the digital certificates that the system relies upon to verify a site’s identity. The same hacker is believed to be responsible for attacks on three such companies.
In March, he (Comodohacker) claimed credit for a breach of Comodo, in Italy. In late August came the attack on the Dutch company DigiNotar. On Friday evening, a company called GlobalSign said it had detected an intrusion into its Web site, but not into more confidential systems.
Armed with certificates stolen from companies like these, someone with control over an Internet service provider, like the Iranian authorities, could trick Internet users into thinking they were safely connected to a familiar site, while eavesdropping on their online activity.”
Comodohacker added in email that he started by scrolling through a list of certificate security companies. He then targeted DigiNotar, which was apparently made easy by a poor security system, according to Fox-IT, a security company who were commissioned by the Dutch government to investigate. All of the certificates were protected by just a single ‘weak' password according to the report findings.
Comodohacker first breached the DigiNoTar systems in June, according to Fox-IT and he spent 10 days generating 531 fake certificates, including some for Facebook, Google and Skype. 300,000 people were given fake certificates which were produced by Comodohacker. The hacker said “My country should have control over Google, Skype, Yahoo, etc.. I’m breaking all encryption algorithms and giving power to my country to control all of them.”
You can read more over here.
Kitguru says: Is this concerning for you? Should security be raised?