http://www.nextgov.com/cybersecurity/2012/05/possible-iranian-hack-nasa-stresses-need-site-certification/56019/ By Aliya Sternstein Nextgov May 31, 2012 Recent claims that an Iranian student group compromised NASA researchers’ online accounts by redirecting users from a seemingly valid login page to a password-stealing website underscore the importance of digitally certifying internal agency sites, a cybersecurity analyst said. The space agency has refuted the “man-in-the-middle” attack but acknowledged it is revalidating its computer systems, just in case. The pro-regime Iranians, self-dubbed the Cyber Warriors Team, orchestrated the ruse by allegedly erecting a proxy Web page that brought visitors to their intended destinations, only after capturing their login details. The site might have been vulnerable to this kind of gambit because the digital certificate NASA used to avow the page’s authenticity either had expired or wasn’t signed by a trusted third party, analysts say. The hackers partially revealed their methods in broken English on an online bulletin board. Whether or not the hit was real, the asserted ploy demonstrates why agencies should certify Web pages that transmit personal information, not just encrypt the information, said Johannes Ullrich, chief research officer at the SANS Institute. “They only protect the transmission of the information,” he said Thursday. “The page, the login form itself, is not protected.” [...] -- Help InfoSec News with a Donation http://www.infosecnews.org/donate.htmlReceived on Fri Jun 01 2012 - 00:43:11 PDT
This archive was generated by hypermail 2.2.0 : Fri Jun 01 2012 - 00:36:27 PDT