Proper encryption is seen by many as the linchpin to the Internet’s current and future success. Everything from online banking to private email correspondence needs to be kept out of the hands of cyber criminals, and as such encryption methods were implemented into many of the world’s modern data transfer systems. However, it would appear that HTTPS encryption has a vulnerability that could quickly get out of hand if it isn’t nipped in the bud.
A new attack strategy dubbed DROWN (Decrypting RSA using Obsolete and Weakened eNcryption) has essentially broken an older form of encryption that many servers still use. The implications of this vulnerability are far-reaching, and show the importance of constant diligence when it comes to cyber security.
