Traffic interception and MitM attacks among security risks of Russian TLS certs

Russia is offering its own Transport Layer Security (TLS) certificates to bypass sanctions imposed by Western companies and governments that are limiting citizens’ access to websites amid the nation’s invasion of Ukraine. Restrictions on foreign payments are leaving many Russian websites unable to renew certificates with international signing authorities causing browsers to block access to sites. As a result, the Russian state has launched a domestic TLS certificate authority (CA) for the independent issuing and renewal of TLS certificates. The risks of Russian-owned and -issued TLS certificates are significant and include traffic interception and man-in-the-middle (MitM) attacks.

Russian certs replace revoked or expired foreign certs

TLS certificates – most known as SSL or digital certificates – secure internet connections by encrypting data sent between browsers, websites and servers. When a certificate expires, web browsers such Google Chrome, Safari and Mozilla Firefox warn that a page may be insecure, which can drive users away.

According to a Russian public-service announcement, the state will replace foreign security certificates that are revoked or expire free-of-charge upon request. “The security certificate is designed to authenticate the site on the internet when establishing a secure connection,” it added. Widely used browsers like Chrome and Firefox are yet to recognize the state-supplied certificates as trustworthy with Russians advised to use Russian-based alternatives. Russian media has circulated a list of almost 200 domains that have reportedly been told to use the domestic TLS certificate, although it is not currently mandatory.

Security risks posed by Russian-issued TLS certs

The threats posed by the advent of Russia’s state-provided certificates are significant for Russian users. “With the major certificate authorities revoking or simply not renewing the certificates for Russian businesses, they are left in a difficult position,” Mike Parkin, researcher and senior technical engineer at Vulcan Cyber, tells CSO. “While it’s unlikely that the major browsers will ever accept the new Russian CA, it may be a problem for those users in Russia. They will have to rely on their CA, which is sanctioned by a government that is not well known for respecting user privacy or taking a strong stand against cybercriminals.”

Practically, if you can’t trust the CA, then you can’t trust that they won’t authorize certificates that could be used in a MitM attack, Parkin continues. “While a careful user might notice that the certificate they’re connecting to isn’t their ultimate goal, similar to what they would see going through a web gateway that performs deep packet inspection, the browser would see the signed certificate as legitimate and not throw a warning. This could allow for widespread surveillance, as well as other malicious uses.”

Outpost24 CSO Martin Jartelius agrees, adding that if a browser trusts the authority, the one controlling it can abuse certificates for the purpose of plaintext interception of traffic. “Of course, abusing trust this way would lead to a revocation of trust of the authority, but it will work for select purposes, if one is willing to sacrifice the trust for it.”

Yuval Wollman, president of CyberProof and ex-director-general of the Israeli Intelligence Ministry, tells CSO: “If you want to minimize the risk, keep your employees away from any Russian-issued TLS certificates because their legitimacy is questionable, and control over them is unclear. Block access to sites using Russian-issued TLS certificates at the infrastructure level using a blacklist, until the situation develops further and can be reassessed.”

Threat actors prepare for Russian “sovereign internet”

Russia’s actions have prompted observers and Russian-speaking threat actors to speculate that the nation’s total disconnection from the global internet is imminent, according to a Flashpoint blog post. “This would happen under a 2019 Law on Sovereign Internet. According to Russia’s legislation, disconnecting Russian internet infrastructure from the global internet would be a defensive move, although this leaves a wide room for interpretation,” it read.

Flashpoint suggests this could make websites from outside Russia unreachable for Russian users, create service degradation, and defeat evasion methods such as VPNs. Russian-speaking threat actors are therefore actively looking for solutions to bypass increasing state control over online traffic if authorities try to disconnect Russia altogether, Flashpoint added. Flashpoint analysts observed threat actors suggesting several workarounds of existing and potential future blocks on various forums, including:

• A content bot on the SliVap forum offered a software using anti-DPI technology, which would allegedly allow users to bypass existing blocks by not leaving digital fingerprints typical of VPN, Tor and proxy services that DPI technology relies on to block the use of such evasion techniques.
• A VPN service advertised on the YouHack forum claims to be able to bypass DPI technology and prevent ISPs from logging DNS queries.
• Users of the top-tier Exploit forum suggested using a Telegram bot that provides Tor bridges (relays that are not listed in the public Tor directory and are thus theoretically not blocked). Earlier, users suggested using a VPN-Tor-VPN combination to bypass blocks.