Russia creates its own TLS certificate authority to bypass sanctions
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals. [...]
Sanctions shape cybersecurity by restricting transactions, technology access, and support linked to cyber operations and critical infrastructure risks.
Search across headline titles and summaries.
Background for this topic.
Sanctions are legal restrictions imposed by governments or international bodies on dealings with specified countries, organizations, individuals, or activities. They can limit payments, exports, imports, access to services, or provision of technical assistance; the exact prohibitions, exceptions, and licensing rules depend on the relevant jurisdiction. Cyber-related designations may identify operators, companies, or intermediaries linked to malicious activity, but sanctions are legal measures rather than technical indicators of compromise.
For security practitioners, sanctions create operational requirements around counterparties and technology flows. Organizations may need to screen customers, suppliers, service providers, and payment recipients, including aliases and ownership links, and restrict access or support where law requires. Export-control and sanctions rules can also affect distribution of cryptographic products, exploit research, cloud services, and incident-response assistance. Threat intelligence can help map sanctioned entities and evasion networks, while vulnerability-management and response teams should preserve records showing who received software, credentials, or technical help. Because lists and licensing conditions change, automated controls need human review and documented escalation rather than treating a name match as conclusive.
Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals. [...]
The Treasury Department's Financial Crimes Enforcement Network (FinCEN) warned U.S. financial institutions this week to keep an eye out for attempts to evade sanctions and US-imposed restrictions following Russia's invasion of Ukraine. [...]
The Russian authorities are drafting a set of measures to support the country's economy against the pressure of foreign sanctions, and when it comes to software licensing, the proposal greenlights a form of piracy. [...]