Internet service providers (ISPs) based in Kazakhstan are being instructed to force their users to install government-issued root certificates on their devices to allow agencies to intercept web traffic.
The Kazakh government has taken concrete steps towards bypassing this added layer of protection by launching an encryption-busting Qaznet Trust Certificate in the nation’s capital Nur-Sultan, according to local media. This is more commonly known in security circles as a man in the middle (MiTM) attack.
Important ➤#Kazakhstan Government begins "forceful" interception and monitoring of encrypted #HTTPS Internet traffic for all its citizens.
“The Kazakh government’s decision to intercept all HTTPS traffic is about surveillance, not security. This is a man-in-the-middle attack at nation-state scale. It allows ISPs and the government to view the unencrypted internet traffic of everyone in the country. Considering that more than half of the websites visited today use HTTPS, this is a huge endeavour. It actually worsens the cybersecurity of everyone in the country. I’d give it a month before the whole thing falls apart.
It’s up to web browser makers to take a stand and prevent this sort of attack. Mozilla and Google et al have a couple of options. They can disallow Kazakhstan’s HTTPS certificate altogether, which would make their browsers unusable in the country. Or they could add some sort of indicator to let users know that the government is spying on them.
Kazakh Government To Intercept The Nation’s HTTPS Traffic
Internet service providers (ISPs) based in Kazakhstan are being instructed to force their users to install government-issued root certificates on their devices to allow agencies to intercept web traffic.
The Kazakh government has taken concrete steps towards bypassing this added layer of protection by launching an encryption-busting Qaznet Trust Certificate in the nation’s capital Nur-Sultan, according to local media. This is more commonly known in security circles as a man in the middle (MiTM) attack.
Expert Comments:
Paul Bischoff, Privacy Advocate at Comparitech.com:
It’s up to web browser makers to take a stand and prevent this sort of attack. Mozilla and Google et al have a couple of options. They can disallow Kazakhstan’s HTTPS certificate altogether, which would make their browsers unusable in the country. Or they could add some sort of indicator to let users know that the government is spying on them.
A VPN might be a good solution in the meantime.”
Recent Posts
How Dangerous Is BlackBasta Ransomware?
Russian Hacker Group Says Cyber Attacks Continue On Lithuania
Minors Use Discord Servers To Earn Extra Pocket Money Through Spreading Malware
Kubernetes API: Over 900,000 Exposures Found Across The Internet
82% Cyber Breaches In Verizon’s Report Preventable, Says MyCena