We’ve all come to rely on SSL security, both at work and in our home lives. We look for that universal symbol – the padlock in the browser bar – that tells us the site we’re visiting is safe.

Screenshot of SSL Secure Website - DC Networks

We’re familiar with the scams and tricks that might encourage us to put our data into fake sites, so we double-check the information, looking for the ’s’ on the end of the HTTP that proves every session with that site is safe.

But it’s not as safe as most people think.

 

Encrypted cyber attacks have hit record highs

The reality is that in the past 12 months, a record escalation in the rate of encrypted cyber attacks means that the very security web users have relied on to keep their data safe is now opening them up to risk.

Cyber attacks can happen as we download files from a website because these files can be malicious. While files from unencrypted websites (HTTP) can be scanned by firewalls and antivirus software and can be quarantined before they hit our devices, many of these firewalls and software systems just aren’t equipped to carry out the same scanning for encrypted files.

This means that the SSL certificate on the site we’re visiting, which we thought protected us, could actually be increasing our risk.

 

Encrypted traffic is important, but so is protection from encrypted attacks

This risk is just as prevalent with personal use as in our business environments. Whether we know it or not, we download data whenever we visit a website, even one as trustworthy as our bank or building society. Some are only tiny, used to speed up transactions and store preferences, but they can also be used to conceal malware, ransomware and other cyber attacks.

Businesses and regular web users often don’t recognise the need to inspect their SSL traffic because they have the belief it can only come from a safe source.

Essentially, SSL is becoming as much of a blind spot for businesses and web browsers as it is a security tool, and firewalls that don’t have a significant defense against encrypted files may be wide open to attack.

 

The right firewall solutions can protect personal users as well as business users

The solution is to deploy firewalls that can decrypt SSL-encrypted traffic and scan it before malicious files can gain access to your device and your network, whether personal or business.

Logically, this could lead some users to worry that their personal details, such as banking or taxation information, might be decrypted. However, the more advanced systems allow you to whitelist specific websites to keep the information exchanged with them securely encrypted.

 

Now you know, so don’t be caught out

So, now you know. If you want to make sure that your personal or business computer use is secure, contact our team and to discover our range of robust security solutions, including FWaaS (Firewall as a Service) services which keep pace with the fast-moving world of cyber attacks.

Click here to read more about how encrypted attacks work and how you can protect yourself or your business from them.