Evaluation of encryption of the world's top one million sites

According to research by TLS expert Scott Helme, the use of encryption was assessed on one million of the world's top sites in the last six months, with the research suggesting that more education is needed to ensure that machine identities are used more effectively to protect the online world.

The accelerated digital transformation and migration to the cloud has opened up new issues of cyber protection. We're aware of huge amounts of money that are invested in protecting human identities, while the importance of machine identity management is overlooked. A strong algorithm is not enough if it is used in combination with a weak key. It is precisely this gap that represents the risk of 'phishing' and misuse of data.

Despite organizations adopting stronger TLS protocols, they are failing to parallel the transition to stronger keys for TLS machine identities. Only 17% of websites use standard ECDSA keys, while 39% of websites still use less secure RSA keys. Adoption of HTTPS or encrypted TLS communication on the internet has been stagnant since December last year, when the HTTPS protocol was adopted on 72% of the mentioned sites.

In the last six months, there has been negligible growth in the adoption of newer, more efficient and more secure EDCSA keys. Taking into account the above, together with the fact that the adoption of the HTTPS protocol has stalled in the last six months, we come to the conclusion that the internet is no safer than it was in December 2021. This is precisely the cause for concern as cybercriminals are increasingly breaking through the boundaries of IT protection, while businesses are doing little to resist online attacks.

Learn more: Help Net Security