Going Undetected: How Cybercriminals, Hacktivists, and Nation States Misuse Digital Certificates

June 1, 2017 | Christine Drake

All organizations depend on certificates for encryption, authentication and authorization—in data centers, on desktops, on mobile and IoT devices, and in the cloud. But cybercriminals, hacktivists, and nation states are keen to access the trusted status that certificates provide. These assets are particularly valuable because they allow cybercriminals to hide under the cover of encryption to accomplish a variety of nefarious tasks.

Venafi vice president of security strategy and threat intelligence, Kevin Bocek, will explore how organizations are exposed to these types of attacks at the 29th Annual FIRST Conference in San Juan, Puerto Rico on June 14. The following is a brief glimpse at some of the cybersecurity trends that he will discuss in a speech entitled "Going Undetected: How Cybercriminals, Hacktivists, and Nation States Misuse Digital Certificates."

Experts say the next black market is digital certificates. But most businesses don’t fully understand how these digital assets are used by cybercriminals, hacktivists, and nation states to infiltrate and remain undetected. In addition, expired certificates can cause outages, negatively impacting reliability and availability. However, Security Operations and Incident Response teams often do not look to cryptographic keys and digital certificates as one of the core instruments for attacks or outages. Or, if they are suspected, a lack of visibility and control delays recovery.

Specifically, Kevin will share how certificates are misused in attacks and the frequency and impact of certificate-related outages—including guidance on how to use this knowledge to develop an incident response program that enables both preventive and corrective actions.

Here’s an overview of some of the ways that digital certificates are misused:

  • Untrustworthy CAs: Security risks are created by untrustworthy certificate authorities (CAs), including those owned and operated by governments.
  • Misuse of certificates in government communications: An investigation into Secretary Hillary Clinton’s email server, using a certificate reputation service to go back in time, showed the server did not use digital certificates and encryption for the first 3 months of her term.
  • Government / law enforcement ability to demand key and certificate disclosure: Apple vs. FBI set the stage for current debates on how other countries would have dealt with a similar situation, highlighting the differences in disclosure laws.
  • Certificate vulnerabilities and attacks that misuse certificates: Organizations may not realize their full exposure to threats that result from SSL/TLS vulnerabilities, such as WannaCry, DROWN and continued Heartbleed issues.
  • Certificate-related outages: Recent research investigated the average downtime, number of CAs used, actual and expected certificate growth and other factors that impact certificate-related outages.

Interested in learning more? See Kevin Bocek speak at the 29th Annual FIRST Conference, June 11-16, 2017.

About the author

Christine Drake

Christine Drake writes for Venafi's blog and is an expert in machine identity protection.
