Transport Layer Security (TLS) is a network protocol used to ensure secure and private communications over the internet. It replaced the now-deprecated Secure Sockets Layer (SSL). TLS is used when browsing the web, sending email, instant messaging and much more; almost any business dealing done electronically requires it. With the increasing number of online attacks from hackers all over the world, securing your site is a business priority, one that assures potential clients that their data is secure.
When a user visits a website secured with TLS, the user’s browser and the web server exchange critical information. One piece of data vital to this process is the certificate sent to the client’s browser. Each web server utilizing TLS has a digital certificate signed by a Certificate Authority. Essentially, the digital certificate is the identity card for each web server, verified by a third party (the Certificate Authority) globally recognized as a trusted entity. Without such a certificate the user cannot verify the identity of the web page being viewed.
When the Internet first came to fruition, TLS was not used as an industry standard. With the advent of broadband connections and the ubiquity of Internet access in general, however, web applications became a major channel for online transactions. This increased reliance on web applications also made them a target for hackers around the world, who were able to forge fake websites purporting to be a valid and known business entity. Without a digital certificate verifying such information, protecting a client’s data would be very difficult. This is why TLS is now a must-have component for any business with an online footprint.
Choosing not to encrypt web traffic with TLS can prove extremely detrimental for online businesses. Without TLS, hackers can execute what is commonly known as a man-in-the-middle attack. This occurs when a hacker is able to hijack or redirect web traffic to a machine they control. Although there are multiple ways to do this, the end result is the same: once the traffic has been redirected, the content of the communications can be read in plaintext.
The disclosed content may include credentials, sensitive contracts, and personally identifiable information. This situation ultimately amounts to a data breach of the company’s business operations. Recent studies have shown that in 2019 the average data breach cost approximately 3.92 million dollars, a 1.5 percent increase from the previous year.
Simply implementing TLS on your web server is not enough to protect your web traffic. In 2009, a tool called SSLstrip was released, giving hackers the ability to circumvent the protection offered by TLS. This method requires the attacker to sit between the web server and the client, downgrading the client's side of the connection to unencrypted HTTP while the attacker continues to speak TLS to the server.
In order to address this, a new protocol called HTTP Strict Transport Security (HSTS) was introduced. HSTS works by instructing the client’s web browser to always use encrypted communications when connecting back to the server. It is important to note that web application security should not rely on one or two techniques alone, but rather on a thorough evaluation that finds all weaknesses before hackers do.
Given the insecure nature of sites not utilizing TLS, it is no surprise that Google’s search algorithm favors sites with encrypted communications. A GlobalSign survey found that 84% of users stop purchasing a product on a site if it is found to be insecure. Any customer will know if a site is not using TLS, since Google Chrome displays a warning alerting the user to this fact. Other studies have shown that TLS sites load faster, tend to have higher SEO rankings, and represent approximately 50% of the pages loaded on desktop computers.