Encryption Gives Malware a Perfect Place to Hide
Nearly half of cyber-attacks this year have used malware hidden in encrypted traffic to evade detection.
In an ironic twist, A10 Networks has announced the results of an international study with the Ponemon Institute, revealing that the risk to financial services, healthcare and other industries stems from growing reliance on encryption technology.
A growing number of organisations are turning to encryption to keep their network data safe. But SSL encryption not only hides data traffic from would-be hackers, but also from common security tools. The encryption technology that is crucial to protecting sensitive data in transit, such as web transactions, emails and mobile apps, can also allow malware hiding inside that encrypted traffic to pass uninspected through an organisation’s security framework.
At the same time, a full 80% of organisations do not inspect their SSL traffic, making it even easier for hackers to bypass existing defenses by using SSL-encrypted traffic to hide their attacks. For many security managers, the costs of inspecting this rising tide of encrypted traffic outweigh the benefits.
Almost half of respondents (47%) cited a lack of enabling security tools as the primary reason for not inspecting decrypted web traffic, closely followed by insufficient resources and degradation of network performance (both 45%).
Yet 80% of survey respondents say their organisations have been victims of a cyberattack or malicious insider during the past year. And nearly half say that the attackers used encryption to evade detection.
Overall, roughly two-thirds admit that their company is unprepared to detect malicious SSL traffic, even though 50% of malware hides there. Moreover, the threat is expected to get worse as the volume of encrypted data traffic continues to grow.
“IT decision makers need to think more strategically,” said Chase Cunningham, director of cyber operations at A10 Networks. “The bad guys are looking for ROI just like the good guys, and they don’t want to work too hard to get it. Instead of focusing on doing everything right 100% of the time, IT leaders can be more effective by doing a few things very strategically with the best technology available. It’s the cybersecurity equivalent of the zombie marathon, as long as you can avoid being the slowest in outrunning the zombies, you minimize risk.”
Other results included that the fact that only 42% of inbound web traffic and 32% of outbound traffic is encrypted; and of the public-sector organizations that had been attacked in the last 12 months, 43% believed those attacks used encryption to evade detection. Three-quarters (75%) of IT experts surveyed admit malware could steal employee credentials from their networks.