With cyber security becoming increasingly more important for online businesses, and the different types of cyber security threats becoming more challenging, now has never been an ever more important time to get an SSL certificate onto your website.
Did you know that 62% of businesses experienced a form of phishing and social engineering attacks back in 2018?
And also, 68% of business leaders feel that cyber security is on the rise...
They're shocking statistics, and if you're not properly securing your customers data with an SSL certificate, you're opening up a can of worms for potential hackers to get access to, and once data is stolen, it's stolen, for good.
In this article, I'm going to dive into greater detail about the importance of an SSL certificate, now that we've covered exactly what SSL certificates are...
Ready? Let's dive into this...
You've probably purchased services or products online before right?
Maybe you've purchased an item from Amazon, or maybe you've renewed your car insurance through a car insurance comparison site...
You would've put your personal details into these websites, information such as:
Personal details like this are incredibly valuable to online hackers and guess what...
Once a hacker obtains information like this, they can carry out impersonation attacks on your behalf, such as pretending to be you when trying to access YOUR bank account, and many other websites.
If one of these websites where you provide this information doesn't have an SSL certificate properly installed, then the data that's sent between your web browser and the server can be seen by hackers that might be spying on the HTTP request.
If they get hold of your information, you might not even know it.
Amongst the many different types of cyber threats on the internet, not having an SSL certificate exposes you to even more of these threats, let's take a look at 3 cyber threats that you might come across on a website without an SSL.
According to Keepnet's latest phishing stats, there were over 60,000 phishing websites online in March 2020 alone, of which, 96% of all phishing attack attempts where down to collecting information about someone online.
Phishing is an attempt to gain sensitive information from you, especially from websites that don't have an SSL certificate installed.
Usually, this type of attack is carried out on highly targeted individuals and groups of people, such as those that are quite wealthy, or potentially the elderly that may not be very technically inclined with identifying these threats.
Usually, you're not alone, and this isn't an isolated attack.
There are some important steps that you can take if you've landed on a website without an SSL certificate and have been on there some time without realising:
81% of experts in the cyber security space said that there would be more ransomware attacks in 2019 compared to the years before, and they were right.
In fact, new ransomware attacks grew by 26% in 2019 as a whole, and are worth trillions by the year 2020!
What's worse, these types of attacks are usually carried out on large organisational bodies, and typically demand for something, like cryptocurrency, which is untraceable, usually a currency like Bitcoin.
If you find someone demanding for this, stay away from them!
Ransomware usually takes over you computer, and it's unfortunate because this type of attack will typically involve a piece of software on your machine, through something you might've downloaded...
So if you've been onto a website without an SSL certificate, then it's possible that you might end up downloading a file that you think is a file, when in fact it's ransomware.
Did you know that in 2019, 42% of companies were breached by a bad password?
Passwords are the underlying bread and butter of most organisations and individuals, we use passwords for social media, for our emails, and even credentials that access our bank accounts!
If you're entering a password into a website without an SSL certificate, you're making a big mistake.
If I land on a website that doesn't have an SSL certificate, I'll leave, because I won't risk entering personal details into a website that might potentially be stealing my information.
Would you enter passwords into a website such as Amazon if their SSL expired?
Probably not, you'd wait until the SSL had been renewed because of the fear that thousands of traditional hackers are attempting to inject some kind of code to steal your data!
The poplar free SSL provider, Let's Encrypt issues over 1.5 million SSL certificates back in Q3 of 2018.
SSLs don't have to be troublesome to install either, in fact, if you've got a website, you can set up your website through a service such as Cloudflare and get an SSL installed and managed for you.
SSLs go a long way to protecting the data and privacy of users that are using your website, and shouldn't be overlooked.
Once you've got an SSL set up on your website, you're going to need to start monitoring it...
With an SSL monitoring tool, and there are quite a few to choose from, so be sure to check out our article that'll take you through all of the best tools!
Alternatively, you can just take my advice and sign up to our domain monitor where you'll be able to add your domain and we'll keep a check on your SSL certificate for you!
I hope you enjoyed this blog post, and found the information useful and valuable, if you did, feel free to share it with your friends, and we'll catch up in the next article!
Cron job monitoring is a great way to ensure your background server tasks are running on time, every time, learn more about our new monitoring type.Read more
SMS alerts are a great way to get notified of an upcoming domain or SSL expiration directly to your mobile phone. In this short read article we'll digest this new feature.Read more
Our custom HTTP statuses for our website uptime monitoring feature is great for selecting which status codes should trigger a website down alert. Learn more about this feature in this article.Read more