430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate. The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate. The Kazakhstan […]

Kazakhstan

Bad news for citizens of Kazakhstan, the government is beginning to intercept all the encrypted traffic, and to do it, it is forcing them to install a certificate.

The Kazakhstan government is beginning to intercept all the encrypted traffic and to do it is forcing users in the country to install a certificate.

The Kazakhstan authorities issued an advisory to local Internet Service Providers (ISPs) asking them to allow their customers to access the Internet only after the installation on their devices of government-issued root certificates.

Once installed the root certificate (“trusted certificate” or “national security certificate) the ISPs will be able to spy on citizens’ encrypted HTTPS and TLS connections.

Since April, the Kazakh ISPs are informing users to install the “national security certificate” to access “allowed” HTTPS websites.

By installing a root certificate issued by a Government Organisation allows the authorities to generate a valid digital certificate for any domain they want to intercept even if the user connects it via HTTPS.

Recently the Kazakh ISP Tele2 started redirecting all HTTPS connections of its customers to a web page containing the certificate and instructions on how to install the certificate on major OS.

The certificates are issued in compliance with the Law on Communications 2004 passed in November 2015. Clause 11 of Article 26, the “Rules for Issuing and Applying a Security Certificate,” states that national ISPs must monitor the encrypted Internet traffic of their customers using government-issued security certificates.

“In accordance with the Law of the Republic of Kazakhstan on Communications, Article 26 and Clause 11 of the Rules for Issuing and Applying a Security Certificate, communications operators ensure the distribution of a security certificate to their subscribers with whom they have contracts for the provision of communications services.” states Tele2.

“The law prescribes for carriers to pass traffic using protocols that support encryption using a security certificate, with the exception of traffic encrypted by means of cryptographic protection of information in the Republic of Kazakhstan.”

Experts pointed out that since users can visit websites only via HTTP before installing the certificates, it is possible that attackers can launch a Man-In-The-Middle attack to replace certificate files and spy on users’ connections.

The Kazakhstan government initially planned to force the installation of the certificate by January 2016, but evidently failed due to a series of lawsuits.

The authorities told to the citizens that the installation of the certificates is necessary to protect them from hackers.

“A security certificate has been introduced that will become an effective tool for protecting the country’s information space from hackers, Internet fraudsters and other types of cyber threats,” continues the note.

“The introduction of a security certificate will also help in the protection of information systems and data, as well as identifying hackers and Internet fraudsters before they can cause damage.”

“It will also allow Kazakhstan Internet users to be protected from hacker attacks and viewing illegal content.”

Clearly Kazakhstan aims at fully controlling the access to the Internet and apply censorship for not allowed content.

Giving a look at the Tor metrics for Kazakhstan it is possible to observe that since April the number of connected users through Tor is increased after the announcement of the first request of the government of installing the certificates.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Kazakhstan, surveillance)

[adrotate banner=”5″]

[adrotate banner=”13″]