Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Websites Increasingly Use HTTPS: Google

Over 60% of Sites Loaded via Chrome Use HTTPS, Says Google

The number of websites that protect traffic using HTTPS has increased considerably in the past months, according to data shared by Google last week.

Over 60% of Sites Loaded via Chrome Use HTTPS, Says Google

The number of websites that protect traffic using HTTPS has increased considerably in the past months, according to data shared by Google last week.

The tech giant says 64% of websites loaded via Chrome on Android are now protected by HTTPS, up from 42% one year ago. There is also a significant improvement in the case of Mac and Chrome OS – in both cases, 75% of Chrome traffic is protected, up from 60% and 67%, respectively.

Data from Google shows that 67% of Chrome traffic on Windows goes through an HTTPS connection, up from 40% in July 2015 and nearly 50% in July 2016.

Sites using HTTPS

As for popular websites, Google says 71 of the top 100 sites on the Web use HTTPS by default, compared to 37 one year ago.

When analyzed based on geographical location, the data shows significant improvements in several countries, including the United States (from 59% to 73%), Japan (from 31% to 55%) and Brazil (from 50% to 66%).

Google’s efforts to boost HTTPS adoption include displaying warnings in Chrome for sites that use HTTP when receiving user data, sponsoring the Let’s Encrypt certificate authority, and adding statistics on HTTPS to its transparency report.

“HTTPS is easier and cheaper than ever before, and it enables both the best performance the web offers and powerful new features that are too sensitive for HTTP. There’s never been a better time to migrate!” Emily Schechter, Chrome Security Product Manager, said in a blog post.

Advertisement. Scroll to continue reading.

While the number of legitimate websites using HTTPS has increased in the past months, so has the number of phishing sites leveraging HTTPS. Netcraft reported in May that the proportion of phishing websites using HTTPS had increased from roughly 5% to 15% since late January.

Google has made several security-related announcements recently, including the expansion of its HSTS preload list, stronger security for “high risk” users, and new phishing protections.

Related: U.S. Warns of Security Issues With HTTPS Inspection Products

Related: HTTPS Security Weakened by AV Products, Middleboxes

Related: DHS Orders Federal Agencies to Use DMARC, HTTPS

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.