The era of “HTTPS Everywhere"
After years of calling for “HTTPS Everywhere” on the web and encouraging websites to use HTTPS by default, Google officials say the effort has begun to pay off. New data released at the end of October 2016 shows that more than 50% of all pages loaded by the Chrome browser are now served over HTTPS.
The reason Google has been such a strong advocate for the increased use of SSL encryption across the web is to protect users from eavesdropping and data theft. This is important because internet communications are susceptible to interception by hackers and others who know how to manipulate networks. But if these communications are encrypted using HTTPS, then even if they get intercepted, hackers will not be able to decipher them and steal your data.
And Google has heeded its own advice by making HTTPS the default connection option for many of its main services, including Gmail and search. Perhaps more importantly, in 2014 the company started to use HTTPS as a ranking signal for its search results, compelling many other websites to adopt HTTPS as their default connection option as well.
Are we safer?
The big question is, are we safer now that there’s more HTTPS in the world? In general, the answer is yes. SSL encryption (also known as transport layer security, or TLS) is crucial to protecting web transactions and email communications. When you connect to a website that uses SSL encryption or you send an email over TLS, you can be assured that you have strong security in 3 areas:
- Authentication - the website is who they say they are
- Data integrity - no one has tampered with the data
- Encryption - no one can see the conversation
These three aspects of security—authentication, data integrity and encryption—ensure that hackers can’t eavesdrop on your surfing, read your email, or otherwise interfere in your affairs.
But there’s a darker side to HTTPS. While SSL encryption is crucial to protecting web transactions and email communications, both inbound and outbound data encrypted with this common method often passes uninspected through your organization’s security framework. Hackers know this, and as a result SSL encryption has become a ready-made channel to conceal malware downloads, data exfiltration, and botnet Command & Control communications. According to research by Zscaler, 54% of advanced persistent threats use SSL. And Gartner has predicted that 50 percent of all network attacks will take advantage of SSL/TLS by 2017.
Why is malware over SSL so hard to see?
One of the ugly little secrets of the security industry is that hardware appliances like firewalls, UTMs, and secure web gateways were not designed to handle decryption. As a result, their performance grinds to a halt when they try. A research study on Next Generation Firewalls by NSS Labs1 found that SSL decryption caused an average of 81% performance loss across all vendors tested. Some vendors advocate adding more hardware to handle the increased workload of SSL inspection, but this approach can be extremely costly. And unfortunately, given the statistics above, ignoring the issue is becoming increasingly dangerous.
Protecting yourself from malware over HTTPS
At the end of the day, while the use of HTTPS on the web is at 50% and growing, the use of HTTPS as a transport mechanism for malware is also increasing. If you plan to continue to use the internet for web and email, then you need to do something to protect yourself against this threat.
This is where Cyren cloud security comes in. By leveraging cloud-scale compute resources for SSL inspection in web and email, you can protect your organization from SSL-delivered threats without unreasonable costs. Cyren’s high-performance architecture enables SSL decryption, inspection, and re-encryption at scale, without latency. Unlike firewalls and UTMs, Cyren SSL inspection is built in, not bolted on, so there’s no hardware to buy, no software to install, and no infrastructure to maintain. Your users won’t see a performance hit, regardless of where they are or what devices they are using. And you’ll get the benefit of Cyren’s multi-tenant cloud, which means that once we identify a threat across any of our 600 million users, we propagate protection within seconds to everyone. With Cyren you’ll be able to stop threats in email and on the web before they hit your network, block botnet connections, and remediate infected devices before they leak critical information.
1. “SSL Performance Problems”, John W. Pirc, NSS Labs, 2013
Want to find out if you are vulnerable to malware over SSL - test your web security here!