Internet giant Google has labelled a number of websites encrypted using TLS certificates issued by a security company operating inside the United Arab Emirates (UAE) as unsafe, amid reports indicating that the company was involved in hacking visitors to those websites at the behest of the Emirati government.
Last week, Google declared that Chrome and Android would classify all websites using certificates by UAE-based security firm DarkMatter as “unsafe”.
TLS certificates are used to secure and encrypt connections between a user’s browser and the website, and is a key component in creating “HTTPS” connections. A secure HTTPS connection means that no one except the website the user is connected to should be able to see the data that is being transmitted. This is particularly important when users transmit sensitive data, such as by logging into a bank account, email service, or health insurance provider.
However, Google and Mozilla are both concerned that DarkMatter may use their position to allow state actors to snoop on user’s HTTPS traffic – which is possible should the encryption key for the certificates be made available to threat actors.
“The hackers may try to steal your information,” said the company, warning Chrome and Android users against visiting those websites.
Google cited a similar decision taken by Mozilla – which operates the Firefox browser – last month. At the time, Mozilla declared it would block DarkMatter-certified websites following “credible evidence” provided by Reuters and other media outlets that the company had been involved in hacking.
Mozilla also expressed concerns over DarkMatter using its position as a cyber-security guard to initiate secret hacking operations.
The main internet browsers offered DarkMatter temporary status to validate website security in 2017. Under this temporary status, DarkMatter has approved some 275 websites, most of which belong to local companies or to the UAE-based security company.
The company sought to be identified as one of about sixty companies having fully-recognised status as a certificate provider.
In January, Reuters revealed that former US National Security Agency (NSA) agents supported the UAE in implementing a spying project known as “Black Crow” or “Raven”, targeting the Emirates opponents, which mainly included dissidents, journalists, and jurists.
In 2015, UAE defence officials told members of the US team that they had to run the Raven project through DarkMatter.
Faisal Al-Bannai founded the new UAE company in 2014, along with Axiom, one of the largest mobile phone vendors in the region. DarkMatter introduced itself as an innovative developer of internet security technology, providing the UAE security forces with surveillance assistance and trying to recruit foreign experts. The Raven project was kept secret, even from most of the company’s executives.
The UAE company, having more than 650 employees, publicly recognises a close business relationship with the Emirati government, but denies taking part in UAE-backed piracy efforts.