News Item

Analysis of ‘Operation Black Tulip’: Certificate authorities lose authority

The Agency releases its analysis of the Diginotar- ‘Operation Black Tulip’ case, where a digital certificate authority suffered a cyber-attack.

Published on December 05, 2011

The Agency has analysed the ‘Operation Black Tulip’ cyber attack and issued recommendations on how to mitigate security concerns with certification authorities.

In the attack, false certificates were created for hundreds of websites, including Google and Skype. Reports indicate that the cyber-attack started in mid-June, and that for two months, false certificates were used to eavesdrop on users in Iran. In its new analysis, the Agency identifies three major issues, and suggests remedies to these.

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items;


We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more