Cybercrime and TLS Cybercrime and TLS Phishing Browsers

  • Slides: 11
Download presentation
Cybercrime and TLS

Cybercrime and TLS

Cybercrime and TLS Phishing, Browsers and Let’s Encrypt Dmitry Belyavskiy, Technical Centre of Internet

Cybercrime and TLS Phishing, Browsers and Let’s Encrypt Dmitry Belyavskiy, Technical Centre of Internet Kyiv, Ukraine UADOM-2017 December 1, 2017

TLS trends Free certificates New standards Browser warnings TLS traffic > 55% Cybercrime, botnets,

TLS trends Free certificates New standards Browser warnings TLS traffic > 55% Cybercrime, botnets, etc: > 30%

3 1/ 4// 20 1/ 5 16 20 1 6/ 16 2 1/ 7/

3 1/ 4// 20 1/ 5 16 20 1 6/ 16 2 1/ 7/ 16 200 1/ 4 / 16 2 5 / 42 16 30 68 42 1 2 4 64 42 4 67 42 5 70 42 5 73 42 6 76 42 7 79 42 5 82 42 6 85 42 6 88 42 7 91 42 7 94 42 8 97 43 9 00 43 9 04 0 Certificates for free! 250000 0 Source: https: //statdom. ru 200000 150000 100000 Comodo 50000 Let's Encrypt Comodo

Free certificates: bad news Phishing domains Normal domains

Free certificates: bad news Phishing domains Normal domains

Pay. Pal phishing certificates Source: ww. bleepingcomputer. com/news/security/14 -766 -lets-encrypt-ssl-certificates-issued-to-paypal-p sites/ 6000 5000 4000

Pay. Pal phishing certificates Source: ww. bleepingcomputer. com/news/security/14 -766 -lets-encrypt-ssl-certificates-issued-to-paypal-p sites/ 6000 5000 4000 3000 2000 1000 3/ 01 1/2 6 4/ 01 1/2 56/ 01 1/2 6 42 5 3 8 42 6 4 1 42 6 4 4 42 6 5 7 42 7 5 0 42 7 6 3 42 7 7 6 0 Pay. Pal. *

Free certificates: balance Free wildcard certificates CA/Browser forum recommendations

Free certificates: balance Free wildcard certificates CA/Browser forum recommendations

Technical solutions CAs: CA/Browser’s Forum recommendations + Check “dangerous” names - Automatic issuance Browsers:

Technical solutions CAs: CA/Browser’s Forum recommendations + Check “dangerous” names - Automatic issuance Browsers: + Warn users about suspicious names - False positives

Explain to users! Green lock means nothing Certificate DOES NOT mean secure site Certificate

Explain to users! Green lock means nothing Certificate DOES NOT mean secure site Certificate is significant for reputation DV certificates confirm only control over domain EV certificates confirm the domains owner Phishers use new technologies too

What can registries do? Sell more EV certificates! Educate users

What can registries do? Sell more EV certificates! Educate users

Cybercrime and TLS Questions? beldmit@tcinet. ru

Cybercrime and TLS Questions? [email protected] ru