Next week, the House of Representatives will hold a hearing on the DigiNotar debacle. Hackers struck DigiNotar in mid-June, after which they issued forged certificates for numerous sites. The attackers were able to use them to redirect Iranian internet users to, for example, a fake Gmail site, after which they may have been able to intercept login details or communications. On 30 August, I already asked the Ministers of the Interior and Foreign Affairs about this . In the night of 3 September, Minister Donner announced that the government had lost confidence in Diginotar.
Alarm bells should have rung in 2009, March 2011 and last June. Turkish and Iranian hackers struck in May and June 2009. This was discovered by Mikko Hypponen, chief researcher at security company F-Secure. In March 2011, the company Comodo was hacked. This company, like Diginotar, supplies certificates. This case is very similar to the hack at Diginotar. Moreover, the same hacker very recently claimed responsibility.
How did those involved in the Diginotar debacle respond to the hack at hong kong phone number list Comodo? Or was this alarm not heard? What measures did the ministry take at the time in case the PKI government certificates were ever compromised? Did Govcert ask questions about this? Was this a reason for OPTA to sound out the companies under its supervision? Was there a failure of supervision?
How could the control have been so bad?
The Fox-It report shows that the company did not have anti-virus software running on its servers and that bad passwords were used. It also appeared that the hack detection system was not effective. It looked like there was a big sticker on the servers that said: 'Ahmedinijad come in with your servant'.