TG Daily reports that Iranian hackers are believed to have been behind an attempted security breach of Comodo, a firm that issues Secure Sockets Layer (SSL) certificates. If the attack proved successful, the hackers would be able to impersonate Google, Yahoo, Skype, Mozilla and Microsoft.
The SSL system uses digital certificates to assure Internet users of websites' authenticity, explains The Wall Street Journal. Comodo says it received requests for nine certificates from fraudulent websites set up in Iran. The company is not sure whether the attackers received all nine certificates, but it knows that they definitely received one. Comodo says:
The attacker was well prepared and knew in advance what he was to try to achieve. He seemed to have a list of targets that he knew he wanted to obtain certificates for, was able quickly to generate the CSRs for these certificates and submit the orders to our system so that the certificates would be produced and made available to him.
Fraser Howard, principal threat researcher at Sophos, says:
Comodo's unfortunate security breach puts many consumers at risk, having opened the door for common and popular web sites visited by billions of people every day to have been spoofed.
Mikko Hypponen, chief research officer of F-Secure, explains the risk:
If you are a government and able to control internet routing within your country, you can reroute all, say, Skype users to fake https://login.skype.com and collect their usernames and passwords, regardless of the SSL encryption seemingly in place. Or you can read their email when they go to Yahoo, Gmail or Hotmail.
According to PCMag.com, Comodo believes the incident was a "state-driven attack" because the attacker would have needed access to critical Web infrastructure in the country.