Web encryption practices are improving, but the flexible nature of HTTPS and cipher suite negotiation—combined with stagnation or regression in many areas—is hampering progress and putting websites at risk.
According to F5 Labs’ 2021 TLS Telemetry Report, which frequently scans 1 million of the world’s top websites, over half of all web servers still allow the use of insecure RSA key exchanges. At the same time, certificate revocation remains problematic, and old, rarely updated servers are visible everywhere.
The research also found that attackers are increasingly learning how to use Transportation Layer Security (TLS) to their advantage in phishing campaigns. At the same time, new fingerprinting techniques are raising questions about the prevalence of malware servers hiding in the top 1 million websites.
“More than ever, nation-states and cybercriminals alike are attempting to work around the problems caused by strong encryption. With these risks ever-present, it has never been more important to focus on strong and up-to-date HTTPS configurations, particularly when digital certificates are shared across different services,” said David Warburton, Senior Threat Research Evangelist at F5 and the author of the report.
Two steps forward, one step back
F5 Labs found that the faster, more secure TLS 1.3 protocol is gaining ground. For the first time, TLS 1.3 was the encryption protocol of choice for most webservers on the Tranco 1M list. Nearly 63% of servers now prefer TLS 1.3, as do over 95% of all browsers in active use.
Support can vary drastically, however. In some countries, such as the United States and Canada, as many as 80% of web servers choose it, while in others, such as China and Israel, only 15% of servers support it.
Meanwhile, DNS Certification Authority Authorization (CAA) records, which can help prevent the fraudulent issuance of certificates, grew in prevalence from 2019 (1.8% of sites) to 2021 (3.5%). F5 Labs believes this shows a positive and steady increase but also demonstrates how few sites still use them.
In other concerning developments, whilst almost all servers in the top list prefer secure Diffie-Hellman key agreements, 52% of servers were still allowing the use of insecure RSA key exchanges (if that is all the client supports).
Additionally, F5 Labs’ research showed how revocation methods are almost entirely broken. This is causing a soaring desire across the certificate authorities (CAs) and browser industry to move toward extremely short-term certificates. Revoking a stolen certificate becomes much less of an issue if it will expire in just a few weeks, driving a growing desire across the CA and browser industry to move toward extremely short-term certificates. The single most common certificate lifespan was 90 days, which accounted for just over 42% of all sites.
Security risks on the rise
Growing security-concerns are another key takeaway from the report.
Notably, the number of phishing sites using HTTPS with valid certificates to appear more legitimate grew from 70% in 2019 to nearly 83% in 2021. Around 80% of malicious sites now come from just 3.8% of the hosting providers.
In terms of service providers, phishers tended to slightly prefer Fastly, with Unified Layer, Cloudflare, and Namecheap just behind.
Facebook and Microsoft Outlook/Office 365 were the most commonly spoofed brands in phishing attacks. Stolen credentials from these sites have great value, partly because so many other accounts tend to rely on these as identity providers (IdP) or a password reset function.
F5 Labs also found that webmail platforms constituted 10.4% of impersonated web functions, which is almost as high as Facebook. This means phishing attacks are as common against webmail as they are against Facebook accounts.
The work continues
“It’s clear that we’re facing two important realities heading into 2022,” Warburton added.
“One is that the desire to intercept, circumvent, and weaken encryption has never been greater. Cybercriminals are working round the clock to defeat the problems that strong encryption causes, looking for creative ways to intercept or capture information before or after it’s encrypted. The other is that the greatest weaknesses do not come from the latest features we struggle to adopt but the old ones we are reluctant to disable. Until both these issues are addressed with more purpose, it is important to make it a priority to use supporting protocols, such as DNS CAA and HSTS, to ensure that the minor gaps in the strength of HTTPS can’t be exploited.”