Experts skeptical new Russian certificate authority will evade sanctions

Russia has found what it hopes is a way to get around Ukraine-related war sanctions that are preventing websites in the country from renewing their TLS certificates. Web browsers block sites with expired security certificates, causing trouble for Russian government and business sites.

TLS (Transport Layer Security) certificates are created by an authorized certificate authority (CA) to serve two vital functions in a browser: to verify a domain’s owner and create an encrypted session between applications over the Internet.

But according to Bleeping Computer, Russia has created its own trusted TLS certificate authority (CA) to get around the sanctions problem.

Experts from Venafi aren’t sure it will work.

Pratik Selva, a security engineer with Venafi, said the establishment of the new Russian CA also could create the possibility of a catastrophic single point of failure for Russian entities. “It’s safe to assume that this new CA will be a primary target of Anonymous and other groups that are currently waging cyberattacks against Russian entities,” he said. “Unlike the rest of the world, both government and private-sector Russian sites and infrastructure don’t have a CAs, so if this one goes down or is compromised, every website connected to it will be disconnected from the internet until a new CA is created and new certificates can be issued.”

Kevin Bocek, Venafi’s VP of threat intel and security strategy, said the new Russian Certificate Authority “is a clear strike at privacy and freedom online because it gives the Russian government the power to surveil citizens and spoof any Western Internet service from Twitter to BBC. It also could enable the government to essentially turn off the Internet for Russians. The only good news is that this change does not impact users of Edge, Chrome, Safari in the rest of the world – this change only affects areas of the world where Russia can compel users to step back into a controlled digital world.

“All of this should come as no surprise,” Bocek said. “It is further escalation in conflict against an open Internet and an expansion of control over citizens. Russia is also locking itself out of the global economy and dimming the hopes of economic growth for current and future generations of Russian citizens.”

According to Bleeping Computer, as of Thursday morning the only web browsers that recognized Russia’s new CA as trustworthy were the Russia-based Yandex browser and Atom products.

UPDATE: Analysts at the SANS Institute added this commentary: “Certificate authorities have also been revoking some certificates for Russian organizations. As a result, you may get warnings when visiting affected sites. Do not add the new Russian CA as a trusted CA in your browser/operating system. This new CA operates outside the rules governing CAs in current trusted CA lists. Currently, free certificates from Let’s Encrypt should still work for Russian sites.”

The post Experts skeptical new Russian certificate authority will evade sanctions first appeared on IT World Canada.
Howard Solomon