In Iran, New Attack Escalates Ongoing Cyberconflict

A cyber-attack linked to Iran this week is the latest in a string of cyber-events that some say represents a new step in a shadowy and long-running war between the Iranian government and those who criticize it on the Internet.

By Robert McMillan
Fri, March 25, 2011
. What's this?

IDG News Service — A cyber-attack linked to Iran this week is the latest in a string of cyber-events that some say represents a new step in a shadowy and long-running war between the Iranian government and those who criticize it on the Internet.

Comodo Group, a seller of digital certificates, said that an unnamed partner was compromised on the evening of March 15. The attack was worrying because the kind of digital Secure Sockets Layer (SSL) certificates that Comodo sells are an important part of the infrastructure used to secure the Internet. These certificates are encrypted files that tell the browser it's securely connecting with the real Gmail.com, for example, and not an imposter site. They help prevent phishing attacks, but in a country like Iran, they can be critical to dissidents, helping to keep private communications safe from prying eyes.

The attack was well-planned and carefully executed, but according to Comodo, it was quickly detected. Massimo Penco, a vice president of Comodo based in Italy, said he received an alert around 7 p.m. on March 15 that something unusual was going on.

"Someone issued a certificate for Google (GOOG), but we didn't have a request from Google," he said. Within 15 minutes of this happening, he was on the phone asking colleagues in New Jersey to lock the system down, he said. The certificate for Google was revoked within an hour or so, along with eight others that had been issued in the meantime.

Comodo doesn't know who was behind the attack. In the hacking world, it's standard practice to hop from computer to computer as a way of hiding one's tracks. And a secretive country such as Iran is unlikely to share information with Western investigators.

Still, Iran has the means, motive and opportunity to pull off an attack like this in order to spy on supposedly secured communications between Iranians and the servers used by companies such as Google, Skype and Microsoft (MSFT), all of whose certificates were spoofed in the attack, said Melih Abdulhayoglu, Comodo's founder and CEO. "All things point to the Iranian government and their newly founded cyberwarfare department," he said.

Representatives with Iran's Permanent Mission to the United Nations were unable to comment Friday.

The Iranian government has been interested in monitoring and controlling its citizens' Internet use for close to a decade now, said Mehdi Yahyanejad, founder of the popular Iranian discussion site Balatarin.

But after the founding of the country's cyberpolice unit in late 2008, Iran began to flex some muscle. Yahyanejad believes that Iran was behind a complicated February 2009 attack that wiped out his website and kept it offline for three weeks. He suspects state involvement, because news of the attack was published on the state-sponsored Fars News Agency website within hours of the attack -- before even Yahyanejad himself had had time to figure out what had happened.

Continue Reading

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
Meridina fly Case Study
Online airline and travel group Meridiana fly needed a faster, more cost-effective way for its growing customer base to book reservations online. They turned to the Riverbed® Stingray™ Traffic Manager, which ensured a fast, responsive website that could cope with increasing high-demand. The company's pages now load much faster, and downtime is a thing of the past.
Comic Relief Case Study
Every two years, one of the biggest events in the UK fundraising calendar is Comic Relief's Red Nose Day. In 2009 the charity implemented the Riverbed® Stingray™ Traffic Manager to make sure its web and donation platforms could scale up to handle vast peaks of website traffic. Thanks in part to this solution, Comic Relief's 2009 fundraising event raised a phenomenal £54.7m.
See Tickets Case Study
With 85 percent of its ticket sales made online, See Tickets needed a robust, secure, highly accessible website. The company chose the Riverbed® Stingray™ Traffic Manager to ensure that its site was always online and fast, even during extreme peaks in traffic. Now the company's valued customers receive optimal online service.
Gartner Magic Quadrant for Web Content Management, 2011
Gartner's report affirms the key role of web content management as part of a larger digital marketing strategy for engaging and serving customers/citizens. In this must read Gartner Magic Quadrant for WCM, analysts evaluate technology providers based on their ability to execute and completeness of vision.
Web Content Management for Online Experience
The web content management (WCM) market is growing based on customer experience (CXM) needs, including multichannel delivery, content targeting, analytics, and integration with other CXM technologies.
Finding the right cloud solutions for your organization
HP is driving the evolution of what we call the Instant-On Enterprise. It is an enterprise that embeds technology into everything it does to better serve citizens, partners, employees, and clients. We believe that today's Instant-On Enterprises need to think differently about how they source and deliver services that are enabled by technology. They need to take advantage of a hybrid delivery model-one that truly optimizes the mix between traditional IT, private cloud, and public cloud.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Webcasts »
Test Drive the Future of Business Communication Today
Traditional communication methods are no longer sufficient to meet the pace of business today. Video Conferencing is an essential business tool. Dimension Data is revolutionizing the process of doing business and making video conferencing fast, simple and affordable.
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Oracle Database Appliance Best Practices
Business users increasingly demand 24x7 availability of their data while IT departments face the challenge of ensuring maximum availability while operating with limited budgets.
Unlock the Value of Cloud Computing with Workload Automation
Learn how to get the most from your cloud investment in our on-demand webinar from BMC and InformationWeek. You'll hear how integrating the cloud into your production workload brings critical business benefits.
Best Practices to Optimize Your Data Center at Every Layer of the Stack
Date: May 31, 2012
Time: 1 PM EST

Organizations are reaping the benefits of simplifying IT, lowering costs and dramatically improving transactional throughput by deploying optimized application-to-disk solutions. These pre-tuned, tested solutions encompass a wide variety of applications and use cases. Hear from industry experts, and IT executives, how these full-stack solutions can achieve three times faster deployment times and up to 75% reductions in acquisition and operational costs.
Workload Automation Trends and Best Practices in 2012
Find out when you join EMA Senior Analyst, Torsten Volk, for a discussion on the 2012 trends in workload automation and how these trends contribute to better connecting workload automation to business processes. These trends are derived from EMA's empirical research work conducted for the 2012 Workload Automation Radar Report.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Meridina fly Case Study

Comic Relief Case Study

See Tickets Case Study

Gartner Magic Quadrant for Web Content Management, 2011

Web Content Management for Online Experience

Finding the right cloud solutions for your organization

Converged Infrastructure for Dummies

Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution

Measuring the Business Value of CI in the Data Center

Building Cloud-Optimized Data Center Networks white paper

The Forrester Wave: Activities Streams, Q2 2012

SMBs Get Virtualization, Plus the Benefits of High Core Count Processors

Virtualized for Agility

The Accelerated SMB: Moving at the Speed of Virtualization

Make Virtual Desktops a Valuable Reality with AMD

Has Your Server Infrastructure Kept Pace with End User Demands?

Real Fabrics for a Virtual World

Enabling Remote Employees with High Quality Video

From Systems to Service Management: Running Your IT Department Like a Business

Generation Gmail: How are you dealing with "work-around email" workers?
Sponsored Links

Master the cloud with the power of convergence from HP

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

Click to see how Accenture has delivered high performance to clients

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

High performance. Delivered. Click to see Accenture's client successes

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords