Increasing Use Of Encryption For Malicious Purposes

Cyber criminals are focusing on by-passing strong encryption and it is very important for organisation and governments to focus on updated, resilient Hypertext Transfer Protocol Secure (HTTPS), configurations.

Now, F5 Labs have uncovered the extent of Internet encryption and the potential abuse of web encryption for malicious purposes. 

According to F5 Labs' 2021 report Transport Layer Security  (TLS) Telemetry Report, the issue is not so much the lack of adopting new ciphers and security features but the rate at which old and vulnerable protocols are removed. "Attackers know there is a correlation between poor HTTPS configurations and a vulnerable web server. Websites that routinely fail to follow TLS best practices are also found to be running old (and likely vulnerable) web servers,’says the Report.

TLS is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

Based on the screening of the top million websites in the world, F5 Labs found that more than 50% of the web servers still allow unsecured RSA (Rivest–Shamir–Adleman) Exchange. The RSA initials comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who described the algorithm in 1977, which is a form of public-key cryptography, which is used to secure communication between multiple parties.

The exchange uses public keys to encrypt data as it travels electronically. RSA is what's known as asymmetric cryptography, which uses a combination of public and private keys for security.

The research also found out that attackers have learned how to exploit TLS for their phishing campaigns. At the same time, new fingerprint techniques raise questions regarding the prevalence of malware servers hidden in the top million websites. Also, F5 Labs has found that the negation of authorisation is a persistent problem, due to the prevalence of legacy servers which and rarely updated.

F5 Labs has discovered that the TLS 1.3 protocol, the more secure and rapid one, has been the chosen encryption protocol for the majority of web servers among the Tranco top million list. Almost 63% of the servers contain TLS 1.3, similarly to more than 95% of all the browsers in use. However, in some countries, such as the United States and Canada, as many as 80% of web servers choose it, while in others, such as China and Israel, only 15% of servers support it.

Security risks continue to grow. According to the report, the proportion of phishing sites using HTTPS and valid certificates has risen from 70% in 2019 to 83% in 2021, with roughly 80% of malicious sites coming from just 3.8% of the hosting providers.

Facebook and Microsoft Outlook/Office 365 were the most common counterfeit brands in phishing attacks. F5 Labs also found that webmail platforms accounted for 10.4% of impersonating Internet functions, a rate almost as high as Facebook.

This means that phishing attacks against webmail are as common as attacks against a Facebook account.

‘The desire to intercept, weaken, and circumvent encryption has never been greater. Nation-states and cybercriminals alike are attempting to work around the problems caused by strong encryption... ‘While this rarely results in direct attacks against cryptographic algorithms or protocols, it often leads attackers to instead think of creative ways to intercept or capture information before or after it has been encrypted.

"It has never been more important to focus on strong and up-to-date HTTPS configurations, particularly when digital certificates are shared across different services,’ says the F5 Labs Report.

F5 Labs:     I-HLS:      University of Brstol:   

You Might Also Read: 

SSL Encryption For Big Data Security In Cloud Computing:

 

« New Tools To Simulate Electronic Warfare
UK Warns Of Russian Cyber Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

APWG

APWG

APWG is the international coalition unifying the global response to cybercrime across industry, government, law-enforcement and NGO communities.

Inspired eLearning

Inspired eLearning

Inspired eLearning deliver solutions that help clients nurture and enhance workforce skills, protect themselves against cyberattacks and regulatory violations.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

Proton Data Security

Proton Data Security

Proton Data Security is a certified small business specializing in the design, manufacturing and sales of data security products for permanent erasure of hard drives, tapes and optical media.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

Epoch Concepts

Epoch Concepts

Offering a full line of IT services, solutions, and integration capabilities, Epoch Concepts is the trusted partner of the US military, federal agencies, private enterprises, and systems integrators.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

Tychon

Tychon

Tychon develops advanced enterprise endpoint management technology that enables commercial and government organizations to bridge the gap between security and IT operations.

Pacific Certifications

Pacific Certifications

Pacific Certifications provide accredited certification, training and support services to help you improve processes, performance and products and services.

CyPro

CyPro

CyPro is a cyber security expert firm that specialises in providing cyber security services tailored for high-growth companies at every stage of their journey.

Intelligent Protection Management (IPM)

Intelligent Protection Management (IPM)

At IPM, we deliver custom technology solutions that empower businesses to thrive. With over 20 years experience, we help companies of all sizes tackle IT, Security, and Cloud.