- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Type of Threat or Opportunity
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
- Type of Threat or Opportunity
- >
- Technological
- >
- IT cybersecurity & privacy specific technology and threats
- >
- Identify
- >
Rogue certificates, misplaced trust
A digital certificate that should ensure websites are legitimate can be untrustworthy due to rogue certificate authorities, breached authorities, a beaten domain control check or a hijacked Domain Name Server. A Certification Authority (CA) is an authority or business which issues or sells digital certificates that make sure that for example online transactions are secure and that the parties that are involved are authenticated correctly. These digital certificates (for example SSL and TLS certificates) can be used by malicious individuals to impersonate others, which can cause security issues for many websites. The CAs operate within a so-called Public-Key-Infrastructure (PKI), which in simple terms is an environment that includes everything that manages public-key encryption (for safe access to websites) and the distribution of certificates. For example, a web browser uses digital certificates issued by CAs to secure internet connections (shown by a lock symbol in the address bar).
Web browsers usually trust these CAs to issue valid certificates. However, if a CA goes rogue or is hacked, the issued certificates, which appear to be valid and are trusted by web browsers, can be used for malicious goals. This in turn leads to misplaced trust between the web browsers and CAs. For example, a CA gets hacked, and hundreds of certificates fall into the hands of a malicious hacker. The hacker can then impersonate many websites and use this for harmful goals such as fraud, misinformation and spreading of malware. If a CA becomes untrusted, browsers may block all traffic to and from websites using their certificates thereby crippling part of the internet. Rogue certificates are hard to revoke and blocking them is hard or impossible for end-users, this needs to be done by CAs and browser vendors.
Related keywords: server authentication, signed digital certificates, compromised authority, trusted root, man-in-the-middle attacks, certificate transparency, DNS hijacking, signed malware, fake SSL certificates.
A digital certificate that should ensure websites are legitimate can be untrustworthy due to rogue certificate authorities, breached authorities, a beaten domain control check or a hijacked Domain Name Server. A Certification Authority (CA) is an authority or business which issues or sells digital certificates that make sure that for example online transactions are secure and that the parties that are involved are authenticated correctly. These digital certificates (for example SSL and TLS certificates) can be used by malicious individuals to impersonate others, which can cause security issues for many websites. The CAs operate within a so-called Public-Key-Infrastructure (PKI), which in simple terms is an environment that includes everything that manages public-key encryption (for safe access to websites) and the distribution of certificates. For example, a web browser uses digital certificates issued by CAs to secure internet connections (shown by a lock symbol in the address bar).
Web browsers usually trust these CAs to issue valid certificates. However, if a CA goes rogue or is hacked, the issued certificates, which appear to be valid and are trusted by web browsers, can be used for malicious goals. This in turn leads to misplaced trust between the web browsers and CAs. For example, a CA gets hacked, and hundreds of certificates fall into the hands of a malicious hacker. The hacker can then impersonate many websites and use this for harmful goals such as fraud, misinformation and spreading of malware. If a CA becomes untrusted, browsers may block all traffic to and from websites using their certificates thereby crippling part of the internet. Rogue certificates are hard to revoke and blocking them is hard or impossible for end-users, this needs to be done by CAs and browser vendors.
Related keywords: server authentication, signed digital certificates, compromised authority, trusted root, man-in-the-middle attacks, certificate transparency, DNS hijacking, signed malware, fake SSL certificates.
close