DigiNotar enquiry widens amid fears of more breaches

By Lee Kaelin on September 7, 2011, 10:13 AM

The investigation into the breaches we reported on last week will be widened in an effort to learn whether private data of Dutch citizens has been compromised. It's been suggested that more than 500 fake certificates have been issued, including certificates for the British SIS (better known as MI6), the Israeli Mossad, the CIA, Microsoft, Facebook, and Twitter. The massive list even includes certificates that can be used to send fake Windows update notices.

The Dutch Government took over operational management of DigiNotar's systems and has already revoked every single SSL certificate, including those used for its citizens to file online tax returns. The embattled company must now confirm whether Dutch citizens' personal information has been exposed, and more crucially whether the specially issued secure certificates used to guarantee authenticity between government computers have been breached. This has caused extensive problems for the Dutch IT infrastructure, leading to many services being unavailable and communications disrupted for its residents.

In a blog post, Roel Schouwenberg, a security specialist with Kaspersky, commented that "the attack on DigiNotar will put cyberwar on or near the top of the political agenda of western governments," adding that he stands by his view that a government operation is the most plausible scenario.

The Iranian government is widely suspected to be involved in the attacks on the Dutch SSL certificate provider. Earlier this year the country announced changes to its DNS system, creating the ideal opportunity to add the fake certificates into its systems.

DigiNotar has also been accused of only admitting to the breach after reports started surfacing from affected Iranian users. This failure to disclose the breach in a more timely manner and the subsequent distrust earned as a result is likely to spell the end for the company. 

While desktop browsers were fast to revoke all certificates issued by the company, it is worth noting that mobile platforms have been slow to respond, so those using mobile phones to connect to any of the affected sites should exercise caution.

Apple has also remained silent throughout this ordeal. The company hasn't confirmed whether it will even revoke the certificates, and as such security experts are recommending that Apple users use third-party browsers if in doubt.
