Encryption Gives Malware a Perfect Place to Hide

Nearly half of cyber-attacks this year have used malware hidden in encrypted traffic to evade detection.

A10 Networks has announced the results of an international study with the Ponemon Institute, revealing that, in an ironic twist, the risk to financial services, healthcare and other industries stems from growing reliance on encryption technology.

A growing number of organisations are turning to encryption to keep their network data safe. But SSL encryption hides data traffic not only from would-be hackers but also from common security tools. The encryption technology that is crucial to protecting sensitive data in transit, such as web transactions, emails and mobile apps, can also allow malware hiding inside that encrypted traffic to pass uninspected through an organisation’s security framework.

At the same time, a full 80% of organisations do not inspect their SSL traffic, making it even easier for hackers to bypass existing defenses by using SSL-encrypted traffic to hide their attacks. For many security managers, the costs of inspecting this rising tide of encrypted traffic outweigh the benefits.

Almost half of respondents (47%) cited a lack of enabling security tools as the primary reason for not inspecting decrypted web traffic, closely followed by insufficient resources and degradation of network performance (both 45%). 

Yet 80% of survey respondents say their organisations have been victims of a cyberattack or malicious insider during the past year. And nearly half say that the attackers used encryption to evade detection.

Overall, roughly two-thirds admit that their company is unprepared to detect malicious SSL traffic, even though 50% of malware hides there. Moreover, the threat is expected to get worse as the volume of encrypted data traffic continues to grow.

“IT decision makers need to think more strategically,” said Chase Cunningham, director of cyber operations at A10 Networks. “The bad guys are looking for ROI just like the good guys, and they don’t want to work too hard to get it. Instead of focusing on doing everything right 100% of the time, IT leaders can be more effective by doing a few things very strategically with the best technology available. It’s the cybersecurity equivalent of the zombie marathon, as long as you can avoid being the slowest in outrunning the zombies, you minimize risk.”

Other results included the fact that only 42% of inbound web traffic and 32% of outbound traffic is encrypted, and that of the public-sector organizations that had been attacked in the last 12 months, 43% believed those attacks used encryption to evade detection. Three-quarters (75%) of IT experts surveyed admit malware could steal employee credentials from their networks.

InfoSecurity Magazine
 
