About Thawte

News

Study finds rising trend of fake SSL certificates

Imposters exist in nearly every industry, undercutting the value and importance of their legitimate counterparts everywhere. It's no surprise that the same is true within the cybersecurity sector - hackers leverage fake emails and websites all the time, crafting them to appear real in order to trick users. Recently, however, researchers studied a fraud that represents one of the less familiar counterfeits out there - fictitious SSL certificates.

Study seeks to quantify fake SSL certificates
According to Threatpost editor Michael Mimoso, a cybercriminal leveraging a spurious SSL certificate can wreak quite a bit of havoc in today's computing landscape.

"An attacker with a forged SSL certificate is quite the Internet villain these days, be he a criminal or government spy," Mimoso wrote. "In possession of such a cert, an attacker can easily decrypt and monitor traffic, steal credentials and other sensitive information from a network."

Recently, a group of Facebook engineers took it upon themselves to see just how common these practices were. The team paired with Carnegie Mellon University researchers to establish a new strategy for detecting man-in-the-middle attacks over SSL. During the creation of this technique, researchers and engineers were also able to capture a wide range of information about the attacks, including what type of SSL certificate was being used, Mimoso reported.

Over four months, the team studied a total of 3.5 million SSL connections made to Facebook and found that 6,845 of those utilized a fake certificate. Although this only amounts to 0.2 percent of the total connections, Mimoso noted that it could point to an overall trend.

"While the number is relatively small, this is just one sample on a top 10 website, indicating this might be happening on a much larger scale," Mimoso wrote.

The report underscored this, noting that instances of SSL man-in-the-middle attacks were increasing on a global scale.

What to consider before buying an SSL certificate
Researchers also found that the vast majority of the fake SSLs used in the studied connections were posing as legitimate antivirus, firewall and security software providers. In order to prevent being duped by an attacker of this kind, it is important that individuals understand what to look for when purchasing an SSL certificate.

A main consideration is the type of SSL certificate that will be utilized, noted Jimmy Edge, Symantec's EMEA digital marketing manager. There are a variety of different certificates, each used for different purposes and providing a different level of protection. A trusted certificate authority can help organizations decide upon the best SSL to suit their needs.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

We have updated our Privacy Policy which can be found here.

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?