Experts skeptical new Russian certificate authority will evade sanctions

Share post:

Russia has found what it hopes is a way to get around Ukraine-related war sanctions that are preventing websites in the country from renewing their TLS certificates. Web browsers block sites with expired security certificates, causing trouble for Russian government and business sites.

TLS (Transport Layer Security) certificates are created by an authorized certificate authority (CA) to serve two vital functions in a browser:  to verify a domain’s owner and create an encrypted session between applications over the Internet.

But according to Bleeping Computer, Russia has created its own trusted TLS certificate authority (CA) to get around the sanctions problem.

Experts from Venafi aren’t sure it will work.

Pratik Selva, a security engineer with Venafi, said the establishment of the new Russian CA also could create the possibility of a catastrophic single point of failure for Russian entities. “It’s safe to assume that this new CA will be a primary target of Anonymous and other groups that are currently waging cyberattacks against Russian entities,” he said. “Unlike the rest of the world, both government and private-sector Russian sites and infrastructure don’t have a CAs, so if this one goes down or is compromised, every website connected to it will be disconnected from the internet until a new CA is created and new certificates can be issued.”

Kevin Bocek, Venafi’s VP of threat intel and security strategy, said the new Russian Certificate Authority “is a clear strike at privacy and freedom online because it gives the Russian government the power to surveil citizens and spoof any Western Internet service from Twitter to BBC. It also could enable the government to essentially turn off the Internet for Russians. The only good news is that this change does not impact users of Edge, Chrome, Safari in the rest of the world – this change only affects areas of the world where Russia can compel users to step back into a controlled digital world.

“All of this should come as no surprise,” Boeck said. “It is further escalation in conflict against an open Internet and an expansion of control over citizens. Russia is also locking itself out of the global economy and dimming the hopes of economic growth for current and future generations of Russian citizens.”

According to Bleeping Computer, as of Thursday morning the only web browsers that recognized Russia’s new CA as trustworthy are the Russia-based Yandex browser and Atom products.

UPDATE: Analysts at the SANS Institute added this commentary: “Certificate authorities have also been revoking some certificates for Russian organizations. As a result, you may get warnings when visiting affected sites. Do not add the new Russian CA as a trusted CA in your browser/operating system. This new CA operates outside the rules governing CAs in current trusted CA lists. Currently, free certificates from Let’s Encrypt should still work for Russian sites.”

The post Experts skeptical new Russian certificate authority will evade sanctions first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, March 29, 2024 – PyPI repository shuts to stop malicious uploads, a plea to developers to stop creating apps with SQL...

This episode reports on a US$10 million reward for a ransomware gang, a new Linux version of a backdoor

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Cyber Security Today, March 25, 2024 – A suspected China threat actor going after unpatched F5 and ScreenConnet installations

This episode reports on a new campaign stealing email passwords ,the latest data breaches

A hacker’s view of the civic infrastructure: Hashtag Trending, the Weekend Edition for March 23rd, 2024

What does the civic infrastructure look like through the eyes of a hacker? The legendary general Sun Tzu in the Art of War said that in order to defeat your enemy, you must first understand your enemy. How do you do this? He said, “to know your enemy, you must become your enemy.” If we

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways