Hackers thought to be of Iranian origin managed to steal security certificates from the websites of the Mossad, the CIA, and the Israeli internet portal Walla, according to a report by a security official for Mozilla, publishers of the popular web browser Firefox, whose website was also breached.
The Mozilla report also claimed that security certificates were stolen from British intelligence agency MI-6, Twitter, Yahoo, Facebook and others, as well. There are reports of 531 stolen certificates in total thus far, including a break-in to Googles servers, which occurred in July and were reported in late August.
The security certificates allow web browsers to communicate securely with web servers over the internet, according to Blogger Lior Kaplan. The SSL certificates are created by special companies that provide this service and are generally thought to be dependable and trustworthy.
Forging certificates allows malicious people to play the man-in-the-middle trick, impersonating the secure site with a fake certificate, and then passing the users information on to the actual site. It then passes the reply on to the user. In this way, the malicious person sits between the two parties and listens in on their conversation, Kaplan wrote in his blog.
Encryption is not synonymous with secure data, said Raviv Raz, CEO of Hybrid Security, a developer of Web fraud prevention solutions. You can encrypt end to end, but its not worth a thing if you dont know who youre talking to on the other end of the line.
Many people believe that those behind the thefts are Iranian hackers, perhaps even connected to the Iranian government. These suspicions arose after Google reported that the stolen certificates affiliated with it were used to attack web users in the general area of Iran.