A padlock icon at the top of your browser doesn't assure you are safe from all forms of attack.
A padlock icon at the top of your browser means that you're communicating with a site using a valid encrypted SSL certificate. It secures communication between the web server and your computer by encrypting with a valid SSL certificate. Recent news about Malware being used to bypass SSL security and collect bank credentials brings attention and rethinking about the level of trust towards SSL encryption. In this article, we'll explore how to identify the security loophole being hidden behind encrypted communication and the way to protect.
Why & How HTTPS - SSL Encryption work?
Sensitive information includes passwords, credit card numbers, and other financial data are transferred outside your systems are encrypted with SSL certificate brings excellent protection against intruders who're trying to steal your information. With HTTPS, data that are transmitted from the browser to the server are encrypted with a public key and which can be decrypted only with the private key. Any intruder who steals information cannot decrypt and make use of your data.
when you type itproguide.com in your browser, an HTTPS request initiate with itproguide webserver.
The web server sends a copy of its SSL certificate to your browser.
The browser checks the SSL certificate with the certificate authority to see whether or not it trust. If yes, It sends a message to the webserver. Webbrowser shows a warning in case certificate authority didn't trust.
Your web browser encrypts data with itproguide public key and sends it to itproguide webserver.
ITproguide web server decrypts the received data with the private key which is only available at itproguide server.
Key Pair (Public and Private key)- Asymmetric cryptography.
Asymmetric cryptography uses public and private keys to encrypt and decrypt data.
The public key is available to everyone, and the private key remains secret at the owner's hand. You cannot encrypt and decrypt the same piece of data with the same key. Whatever encrypted with a public key may only be decrypted by its key pair private key and vice versa.
if so, where is the loophole?
IT security occupies a good portion of the IT budget for most of the organization. Today automated system with AI blocks cyber attacks and hacking threats for enterprises before any users become vulnerable. Detection system involves scanning of inbound and outbound traffic at the edge of the network to identify and stop the malicious attack. if the perimeter firewall device failed to understand or decode the packets, then they remain blind to such traffic.
SSL packets are encrypted between the browsers and webserver and cannot be decrypted in the middle without the private key. In this case, Firewall devices allow traffic without inspection and this help hackers to inject malware over SSL. It doesn't mean that hacker can modify your packets in between your browser and amazon or google. Free SSL certificate availability makes hackers job more easier to create SSL without proper identity verification like bank card details. Now links made with those SSL certificate web servers are sent to end-users via emails. If you click on them, they will be directed to a website that looks secure with the free SSL. At that point, hackers can embed malware into encrypted traffic and try to bypass your firewall system.
How to protect from this?
The padlock symbol is not an icon of security assurance. Check SSL details while performing financial and confidential details. SSL certificates are provided based on the different type of validation. Organization and extended validation SSL is hard to get for a hacker because of the validation procedure. Use a secure network for confidential transactions. Configure deep packet inspection to rip and inspect encrypted web traffic. Keep antivirus updated
SSL is just encryption, but to whom you are talking and what kind of SSL they use makes a difference.