Beware! Your Firewall May Not Scan 90% Of Its Traffic
That firewall you pay for, is letting a massive NINETY PERCENT of internet traffic into your networks, without scanning it.
90% of the information that enters your network, is not scanned, and could contain malicious scripts and dangerous malware.
This is thanks to something called SSL encryption.
Why is 90% of traffic going through my firewall not being scanned?
In order to understand why this is happening, you need to understand what SSL (Secure Socket Layer) encryption is.
Websites with an SSL certificate, begin with https not just http.
So what does it mean for the users?
- Information sent to and from the domain can’t be accessed by third parties outside of that connection.
- All connections to these websites are secure, and data transferred to and from these websites, can only be read by the intended recipient.
Originally, this was used for payment gateways, in order to protect against cyber criminals. These hackers would snoop on connections and steal credit card information.
Many Firewalls Can NOT Scan Encrypted SSL Traffic!
Businesses now face a HUGE problem. The digital world is developing and old firewalls are depleting in security and value.
Now businesses require a modern, properly maintained firewall so ensure SSL traffic is scanned.
If not, it is likely that traffic passing between their networks and websites with SSL certificates, is completely unfiltered by the firewall.
Anyone can purchase an SSL certificate for their website.
Just because a domain has https in front of it, does not mean it’s a trustworthy domain.
Do you know how Cyber Safe your business is? Find out by using our quick quiz here!
How Google is Making the Internet More Dangerous for You!
Google, with all its power and influence, has tried to push for more websites to enable SSL.
Google’s popular browser, Chrome – which has 55% of the market share of internet browsers, also warns you when you’re connecting to a non-https website – effectively labelling all http websites as ‘bad’.
Google also now requires websites to have SSL certificates in order to use Google Adwords, Shopping and Re-marketing services.
Additionally, Google announced in 2014, that they will give ranking boosts to websites that are SSL enabled.
This has all resulted in a massive upsurge in the amount of websites with SSL certificates.
Don’t assume SSL enabled websites are safe! They are not!
Anyone, even a cyber criminal, can purchase an SSL certificate for their website, regardless of what that website is.
As a result of this, the green padlock sign you see in your browser is not an indication of safety!
What it does mean is that you have a secure connection, preventing others from spying on (potentially with an unsafe website!).
In addition to this, and perhaps most dangerously, there have been known cases where users have been infected by connecting to legitimate websites.
These sites have been compromised – despite having SSL enabled sites.
Hackers who manage to compromise popular websites, add a line of malicious code. By clicking on a link on the website, the code runs and thus the malicious content spreads.
Normally, these are disguised as something a user would usually click on, such as “download your statement”.
As these websites have SSL certificates, any data sent from them is encrypted. Say you click on a compromised link and your firewall does not scan SSL?
Malicious data would flow through into your business networks!
So What Can You Do?
At Netstar, we offer a Managed Firewall service. Our team of expert engineers will configure, maintain and monitor it for you.
We ensure it has something called a Deep Packet Inspection of SSL (Secure Socket Layer). To put it simply, this means content is filtered, and the firewall acts as a layer of security between the internet and your machine.
Having a managed firewall service provides your business with an additional layer of protection. You will also have the ability to upgrade as business and technology needs change over time.
Still Have Questions?
We can answer your tech questions, especially if you’re unsure how safe your IT infrastructure is. Get in touch with us today by filling out a contact form.