Cybercriminals aren't all-powerful and all-knowing. More often than not, they're just opportunists looking for weaknesses. They typically don't have to look very hard.
There are many risks with the implementation of security using SSL. Attacks can be formulated against the SSL/TLS protocol, the protocol may have been designed improperly by the server vendor, the certificate authority (CA) could be attacked or you may implement SSL improperly on your server. SSL Pulse surveys about 200,000 sites each month, grades them and ranks them by