Internet service providers (ISPs) based in Kazakhstan are being instructed to force their users to install government-issued root certificates on their devices to allow agencies to intercept web traffic.

The increasingly-widespread Hyper Text Transfer Protocol Secure (HTTPS) refers to the transmission of data, ordinarily channelled via HTTP, sent instead over an encrypted connection. It's said to raise the level of security and privacy for web users.

The Kazakh government, however, has taken concrete steps towards bypassing this added layer of protection by launching an encryption-busting Qaznet Trust Certificate in the nation's capital Nur-Sultan, according to local media. This is more commonly known in security circles as a man in the middle (MiTM) attack.

When users install the certificate, government agencies are allowed to decrypt the HTTPS internet traffic, examine its contents, and re-encrypt the information with the certificate once more before it's sent to its destination.

The measures may undermine user privacy, with agencies now able to assess the websites a user visits, but the government has justified this by citing security concerns. One advantage, the vice-minister for digital development Ablaykhan Ospanov has claimed, is that it blocks users from visiting known phishing sites.

One Kazakh-based provider, Kcell JSC, has also published an advisory page explaining how users can install the root certificate onto their devices, blocking internet access to devices that haven't implemented the tool.