Apple, Google, Microsoft, and Mozilla banned on Saturday malicious certificate that was being used by the Kazakhstan government to intercept HTTPS traffic coming from the capital Nur-Sultan city.
Officials cited that cyberattacks targeted “Kazakhstan’s segment of the internet” grew 2.7 times during the current COVID-19 pandemic. Meanwhile, the government’s explanation did, however, make zero technical sense, as certificates can’t prevent mass cyber-attacks and are usually used only for encrypting and safeguarding traffic from third-party observers.
Moreover, the certificate was first used on December 6 when local authorities forced Internet providers to prevent Nur-Sultan residents from accessing foreign websites without a special certificate issued by the government.
On other hand, this is not the first time that four companies have teamed up to make the Internet a safer place. In August 2019, the same certificate used to block traffic to various Russian and English-speaking social media sites in Kazakhstan was also blocked.
Later, Microsoft used Orion software, a widely used network management software by Solar Windows, which has been used in suspected Russian attacks on vital US agencies and other targets, according to Tech reportes issued on Friday.
Brad Smith, the Microsoft’s president, explained the attack illuminates the ways the cybersecurity landscape continues to evolve and becomes even more dangerous.
Meanwhile, the hackers exploited Microsoft’s cloud services while avoiding the company’s infrastructure. On other hand, the hackers inserted malicious code into SolarWinds‘ Orion software updates sent to nearly 18,000 customers. It existed in updates released between March and June of this year.
Follow the latest news on Google News
