Kazakh Government To Intercept The Nation’s HTTPS Traffic

Internet service providers (ISPs) based in Kazakhstan are being instructed to force their users to install government-issued root certificates on their devices to allow agencies to intercept web traffic. 

The Kazakh government has taken concrete steps towards bypassing this added layer of protection by launching an encryption-busting Qaznet Trust Certificate in the nation’s capital Nur-Sultan, according to local media. This is more commonly known in security circles as a man in the middle (MiTM) attack. 

Expert Comments: 

Paul Bischoff, Privacy Advocate at Comparitech.com: 

“The Kazakh government’s decision to intercept all HTTPS traffic is about surveillance, not security. This is a man-in-the-middle attack at nation-state scale. It allows ISPs and the government to view the unencrypted internet traffic of everyone in the country. Considering that more than half of the websites visited today use HTTPS, this is a huge endeavour. It actually worsens the cybersecurity of everyone in the country. I’d give it a month before the whole thing falls apart.   

It’s up to web browser makers to take a stand and prevent this sort of attack. Mozilla and Google et al have a couple of options. They can disallow Kazakhstan’s HTTPS certificate altogether, which would make their browsers unusable in the country. Or they could add some sort of indicator to let users know that the government is spying on them.   

A VPN might be a good solution in the meantime.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.