Rogue SSL Certificates Could Lead to Infection

Websites use SSL certificates to authenticate their identities and let site visitors engage with content in a secure manner. SSL (Secure Sockets Layer) certificates are used by websites to communicate with users’ web browsers. These secure links, according to Network Solutions, are essential tools in providing data protection for website users: they ensure the security of all data passing between the IP address of the user and that of the website. From the user’s perspective, seeing an SSL certification seal when visiting a website signals that it’s safe to communicate and conduct business online. SSL certificates also provide the encryption that makes it possible for customers to use their credit and debit cards over the Internet, by scrambling the information received by sites and making it unreadable to anyone without an authentication key.

Rogue SSL problems
However, recent fraudulent actions relating to the issuing of SSL certificates have caused head-scratching across the tech industry. Earlier this year, for instance, Microsoft blacklisted a subordinate certificate authority called MCS Holdings, which had been granted authority to issue certificates by the China Internet Network Information Center. According to ComputerWorld contributor Lucian Constantin, Microsoft’s blacklisting of these subordinate certificates means that browsers will no longer trust them.

In another, more recent incident, Symantec experienced a similar issue wherein a subsidiary was creating fraudulent certificates in the company’s name, according to The Register contributor John Leyden. The false certificates were produced for testing purposes, but a few were issued inappropriately for three domains during the test, company officials noted. In this instance, the employees responsible were let go for not correctly following company policy, and the problematic certificates were immediately revoked.

These incidents indicate that it’s still crucial to be aware of how your computer system could be impacted.

What does “rogue SSL” really mean?
When these certificates are issued by trusted names, they not only provide protection against infection but also further cement the issuing company’s reputation in the eyes of the user. But what if it turns out the connection established between your computer and the website isn’t, in fact, secure?

“In the wrong hands, these certificates could have been used by malicious systems to impersonate legit Google websites,” Leyden wrote about the Symantec incident. “They could have been used to intercept and decrypt passwords, login cookies and other encrypted traffic destined for Google.”

In short, when security certificates are not authentic, the possibility of malware or hackers infiltrating your system increases. Rogue SSL certificates are bad news for your equipment if they allow hackers to gain access to passwords or let in malware that could destroy configurations and make systems sluggish.

What can you do to protect your company against intrusion and combat fraudulent SSL certificates? Software like Anti-Virus from Faronics is one solution to this issue. It provides layered security by combining anti-virus, anti-spyware, anti-rootkit, firewall and web filter, so that endpoints are as protected as possible from every angle.

Get in touch with Faronics today to find out how we can improve the security of your computer system and augment protection in case of fraudulent SSL certificates.

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan, when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.