Cybercrime and TLS

Cybercrime and TLS Phishing, Browsers and Let’s Encrypt Dmitry Belyavskiy, Technical Centre of Internet Kyiv, Ukraine UADOM-2017 December 1, 2017

Cybercrime, botnets, etc: > 30% TLS trends TLS traffic > 55% New standards Free certificates Browser warnings Cybercrime, botnets, etc: > 30%

Certificates for free!

Free certificates: bad news Phishing domains Normal domains

PayPal phishing certificates

Free certificates: balance Free wildcard certificates CA/Browser forum recommendations

Technical solutions CAs: CA/Browser’s Forum recommendations + Check “dangerous” names - Automatic issuance Browsers: + Warn users about suspicious names - False positives

Explain to users! Green lock means nothing Certificate DOES NOT mean secure site Certificate is significant for reputation DV certificates confirm only control over domain EV certificates confirm the domains owner Phishers use new technologies too

What can registries do? Sell more EV certificates! Educate users

Cybercrime and TLS Questions? beldmit@tcinet.ru