[Whitepaper] 2017 TLS telemetry report

Privacy today isn’t just about staying away from prying eyes. The very act of communicating across the Internet with open, non-confidential protocols invites exposure to code injections, ad injections, and overall risk injection. A recent example involved spyware that was developed by FinFisher and only sold to nation-states.

Middleware systems inside the Türk Telekom IPS hijacked unencrypted web sessions, then redirected the sessions to websites that installed the spyware. It appears this was a targeted attack on five provinces in Turkey and specific locations in Syria. Similar middleware systems were also used inside of Telecom Egypt to, again, hijack unencrypted web sessions. This time the motive was financial: the redirects sent unsuspecting users to revenue-generating ad farms and crypto-mining malware downloads.

This is why cryptographic protocols like Transport Layer Security (TLS) exist—to help prevent adversaries from eavesdropping and tampering with data. TLS provides a way for endpoints to be authenticated and communicate confidentially over the Internet. Encrypting Internet connections with TLS would have stopped these redirect attacks. But like all security protocols, it must be constantly tested, proved, and improved if we have any hope of staying ahead of adversaries.

Sponsored by: F5 | Dec 2018