Moscow to issue HTTPS certs to Russian websites

Meanwhile, Anonymous claims it's popped Putin's comms regulator


Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin's invasion of Ukraine.

A notice on the government's unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain security certificates as a knock-on effect of Western sanctions and organizations refusing to support Russian customers. These certs are primarily useful for providing secure HTTPS connections. Delivery of the certificates is promised within five days of requests.

The portal is silent on which browsers will accept the certs. This is a critical matter, because if browsers don't recognize or trust the certificate authority that issued a cert, a secure connection isn't generally possible. The Register cannot imagine any of the mainstream browser devs will rush to make these Russian certs work in their applications.

Russians do have a local alternative. Yandex, the nation's Google analog, has won 16 per cent local market share with its YaBrowser – well behind the 55 per cent share StatCounter attributes to Google's Chrome.

If Yandex recognizes Russia's certs, and can quickly upgrade users and win tens of millions more, Russia's plans just might fly. As a bonus for Putin, it's rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government. The more websites using Moscow-issued certs, the more connections Putin's agents can quietly monitor.

Russia is meanwhile believed to be behind recent disruption at Ukrainian telecoms providers. Doug Madory, director of internet analysis at network observability firm Kentik, has offered the following analysis:

Forbes reported that Ukrainian ISP Triolan attributed its outages to a pair of cyber attacks on its infrastructure.

Russia appears to have a need to run some defense, too, because entities using the name and iconography of hacktivist collective Anonymous (that's EUTNAIOA) claim to have cracked Russian telecoms and media regulator Roskomnadzor and lifted 820GB of data from one of its state offices.

A post describes the data as comprising 364,000 files, 529GB of which appear to be largely email – which EUTNAIOA has warned needs to be handled with care as attachments carry malware – with the remainder being database files that detail legal investigations and HR matters.

The authors of EUTNAIOA's post write that they plan to release the data once they figure out how to extract it, and hope that it informs Russians about how their government censors local media.

That media, however, is forbidden from carrying any news that might let Russians understand the heinous nature of its illegal invasion of Ukraine. The brave Russians that have protested the war in public have been swiftly arrested, their fates unknown.

Cryptography – which Russia has rightly identified as a key issue in the economic dimension of this conflict – will also be a critical tool if the flow of information unmolested by Vladimir Putin ever resumes in Russia. ®



Biting the hand that feeds IT © 1998–2022