Skip to main content
banner image
venafi logo

50% of Web Traffic Is Now Encrypted. Why Isn’t the Web 50% Safer?

50% of Web Traffic Is Now Encrypted. Why Isn’t the Web 50% Safer?

securing encrypted web traffic
February 8, 2017 | Scott Carter

Last week Mozilla data revealed that half of all web traffic on Firefox is now encrypted. This is a giant step forward in privacy and secure communications. But it’s not such good news for many internet security solutions, which are still taking baby steps. Most traditional security tools are not built to be encryption aware. So, they aren’t equipped to detect malicious activity that happens inside encrypted tunnels. 

This gap between encryption and protection effectively aids and abets cyber criminals by allowing them to hide in encrypted traffic. As Kevin Bocek, VP of security strategy at Venafi notes, “We’re actually not safe as we think: The security systems designed to defend businesses were destined for a world with little encryption. Encryption creates tunnels. And traditional security isn’t prepared to look inside these tunnels to detect threats that may be hiding there.”   

This SC Magazine article outlines potential threats that leverage encryption, such as man-in-the-middle, ransomware, watering holes, and DDS attacks. Cyber criminals are taking note of these opportunities notes Bocek, “Cybercriminals from Chinese military units to Russian cyber gangs, have caught on to the fact that most organizations are unable to defend against attacks using encryption.”

While encryption is the right move to protect the privacy of communications, the way you manage it can impact the success of your efforts; poorly managed encryption can actually undermine your security.

Bocek warns that the root of this new problem is that the system that authenticates machines depends on the availability of cryptographic keys and digital certificates: “If your cyber defenses do not have access to the right keys and certificates, then they can’t look in encrypted tunnels, making them useless. Yet the industry is largely failing to wake up to this danger.”

Security vendors are scrambling to integrate encryption support into their security solutions. In the meantime, many organizations are worried about how to keep their expanding encryption environments safe. “Research has shown that 85% of CIOs are concerned that attackers are increasingly hiding in encrypted traffic, and they are right to be concerned. Security experts believe in short order 70% of attacks will use the encryption we’ve put in place to protect us,” Bocek cautions.

To prevent your encrypted tunnels from being misused in an attack, you’ll need to take a more active role in protecting and securing them. But first you need to understand the nuances of your encryption environment. Bocek advises, “The only way to safely implement encryption is to maintain control – you need to make sure security systems have access to the keys they require to inspect your traffic for threats. This requires automation that industry still must catch up on.” 

If your security solutions don’t have access to your keys and certificates, they may not be able to detect threats that travel through encrypted traffic. Do you have the automation you need to make your keys and certificates available to your security solutions? 

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

encryption backdoor

Overheard in the Press: Encryption Backdoor Debate

 junger Geschäftsmann mit der Brille, die, stehend gegen eine weiße Backsteinmauer verwirrt schaut

Sechs Dinge, die Sie über Ihre Zertifikate wahrscheinlich nicht wissen (aber wissen sollten)

business man looking for answers  - digital certificates

6 Things You Probably Don’t Know about Your Certificates [And Why They Matter]

About the author

Scott Carter
Scott Carter

Scott is Senior Manager for Content Marketing at Venafi. With over 20 years in cybersecurity marketing, his expertise leads him to help large organizations understand the risk to machine identities and why they should protect them

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat