Fake DigiNotar web certificate risk to Iranians
Fresh evidence has emerged that stolen web security certificates may have been used to spy on people in Iran.
Analysis by Trend Micro suggests a spike in the number of compromised DigiNotar certificates being issued to the Islamic Republic.
It is believed the digital IDs were being used to trick computers into thinking they were directly accessing sites such as Google.
In reality, someone else may have been monitoring the communications.
Hundreds of bogus certificates are thought to have been generated following a hack on Netherlands-based DigiNotar.
The company is owned by US firm Vasco Data Security.
Authentication certificates are used by many websites to give their users secure access.
Typically these take the form of a TLS or SSL connection - which can be identified by the appearance of a padlock logo and "https" prefix.
Together, they are supposed to guarantee that the site is what it appears to be, and that the user's session is not being monitored.
Hundreds of bodies - known as certificate authorities (CAs) - are allowed to provide such authentication.
Web browsers, such as Safari, Chrome, Firefox and Internet Explorer have a built-in list of which CAs they can trust.
However, if a third-party was able to steal certificate details or generate their own, they may be able to launch a "man-in-the-middle" attack, similar to tapping a phone line.
The presence of an apparently genuine certificate means browser security would be unlikely to detect the surveillance.
Issued and revoked
On 19 July, Dutch CA DigiNotar detected an unauthorised intrusion into its systems.
The company immediately revoked a number of bogus certificates that had been created as a result.
It emerged later that some were missed, and other new ones generated, after the initial attack.
Unconfirmed information published online suggested that more than 500 false DigiNotar certificates exist.
Among the domains listed are Google, Facebook, Twitter and Skype.
At the same time, it was noticed that a sizeable portion of the Dutch company's certificates were mysteriously going to users in Iran.
By August, 76.5% of DigiNotar validations were in the Netherlands. 18.7% were in Iran and 4.8% elsewhere in the world, according to security firm Trend Micro.
Iranian activity dropped off after the certificates were revoked.
DigiNotar eventually went public about the intrusion on 30 August, at which time most web browsers stopped recognising DigiNotar certificates altogether.
There are many reasons why Iran may have been targeted using the bogus certificates, according to security experts.
The republic's tight controls on dissent mean that monitoring web traffic could yield useful information.
Iran's internet setup also makes some types of interception easier, according to Rik Ferguson, Trend Micro's director of security research and communications.
"All the internet traffic has to go through an Iranian government proxy before it goes out to the final destination.
"If you want to spy on normal HTTP traffic, that is not a problem - you get to see all the outbound requests and all the inbound responses," he explained.
For secure websites, attempts to intercept would ring alarm bells with the web browser and therefore the user.
One option is to make the Iranian national proxy server look like it is the target website - using a fake DigiNotar certificate.
The proxy then relays information to and from the real website, e.g. Google.com, but there is no indication that the secure chain has been broken.
While much online debate has centred around the role of the Iranian authorities, there is no firm evidence to support such a theory.
However, a spokesman for the Dutch Interior Ministry, Vincent van Steen told the Netherland's-based ANP news agency that the cabinet was looking into claims of Iranian government involvement.
Iran has previously been on the receiving end of cyber attacks, including the elaborate Stuxnet conspiracy which enabled a computer worm to take control of machinery in a uranium enrichment plant.
The DigiNotar incident has also raised broader concerns about the security of the global certificate authorisation system.
"The more there are, the more opportunities there are to attack the system," said Paul Mutton, a security analyst from Netcraft.
"Whenever there is a certificate authority that is trusted by all the mainstream web browsers, if someone was to compromise them it is just as bad as compromising the largest CA."
Alternatives to the current system have been suggested, including one by former hacker Moxie Marlinspike, known as Convergence, which verifies site authenticity by checking with multiple online "notaries".