Skip to main content

Kazakhstan is building a cheaper version of China's Great Firewall

Kazakhstan is building a cheaper version of China's Great Firewall


Authoritarian country to begin intercepting encrypted traffic in January

Share this story

Carl Court/Getty Images

The Kazakhstan government is creating its own version of China's Great Firewall, The New York Times reports, in an effort to intercept encrypted web and mobile data that passes through its borders. A press release from the country's largest telecom, Kazakhtelecom JSC, said the company will begin intercepting encrypted data as of January 1st, as mandated under law. Doing so, it said, would "secure protection of Kazakhstan users," though it would in fact make it easier for the government to monitor or block online communications and content. The press release has since been removed from Kazakhtelecom JSC's website.

A less-Great Firewall

According to the Times, Kazakhstan's system is a more stripped-down version of China's Great Firewall. Rather than relying on large, automated systems, the Kazakh government is ordering its citizens to install a "national security certificate" on their smartphones and computers. The certificate would give the government and telecoms access to encrypted data sent to and from foreign servers, circumventing encryption protocols like HTTPS and SSL in what is known as a "man in the middle" attack.

The fear is that Kazakhstan will use its new system to further tighten its grip over the web. President Nursultan Nazarbayev has been in power since 1989, and since 2012, his regime has seized greater control over the media, censoring websites and jailing dissenters. Last month, Human Rights Watch described Kazakhstan as an authoritarian dictatorship where "few tangible and meaningful human rights and rule of law reforms have been forthcoming in recent years."

Kazakhstan's strategy isn't unprecedented; Iranian hackers used a similar method in 2011, using a trusted Dutch certificate called DigiNotar to monitor the Gmail accounts of 300,000 users. In that case, Google, Microsoft, and other companies blacklisted DigiNotar certificates. If they decide to blacklist Kazakhstan's certificate, much of the internet would be inaccessible to users within the country.