Update on digital certificates

The discussion early in August is back in the headlines as hackers gain stolen documents to pose as Google.

September 2, 2011

The Ask Control Engineering posting of August 4 talked about how a hacker can pose as something else using fraudulent or stolen digital certificates. A recent article in Computer World discusses how hackers obtained “a digital certificate good for any Google website.” Using this, a hacker can pose as any of Google’s services and use this to pull off a man in the middle attack on anyone trying to access his or her accounts using the same network as the hacker.

The article goes into greater depth on how it all happened, but there are still many gaps as investigators try to piece together events.

This type of attack strategy is a favorite for cyber criminals trying to break into industrial networks, and is effectively what happened with Stuxnet. The attacker places himself between the HMI and the plant equipment, sending bogus and possibly harmful orders to the equipment while making the HMI tell operators that nothing is wrong.

–Peter Welander, pwelander@cfemedia.com