Encryption Gives Malware a Perfect Place to Hide

Nearly half of cyber-attacks this year have used malware hidden in encrypted traffic to evade detection.

In an ironic twist, A10 Networks has announced the results of an international study with the Ponemon Institute, revealing that the risk to financial services, healthcare and other industries stems from growing reliance on encryption technology.

A growing number of organisations are turning to encryption to keep their network data safe. But SSL encryption hides data traffic not only from would-be hackers but also from common security tools. The encryption technology that is crucial to protecting sensitive data in transit, such as web transactions, emails and mobile apps, can also allow malware hiding inside that encrypted traffic to pass uninspected through an organisation’s security framework.

At the same time, a full 80% of organisations do not inspect their SSL traffic, making it even easier for hackers to bypass existing defenses by using SSL-encrypted traffic to hide their attacks. For many security managers, the costs of inspecting this rising tide of encrypted traffic outweigh the benefits.

Almost half of respondents (47%) cited a lack of enabling security tools as the primary reason for not inspecting decrypted web traffic, closely followed by insufficient resources and degradation of network performance (both 45%). 

Yet 80% of survey respondents say their organisations have been victims of a cyberattack or malicious insider during the past year. And nearly half say that the attackers used encryption to evade detection.

Overall, roughly two-thirds admit that their company is unprepared to detect malicious SSL traffic, even though 50% of malware hides there. Moreover, the threat is expected to get worse as the volume of encrypted data traffic continues to grow.

“IT decision makers need to think more strategically,” said Chase Cunningham, director of cyber operations at A10 Networks. “The bad guys are looking for ROI just like the good guys, and they don’t want to work too hard to get it. Instead of focusing on doing everything right 100% of the time, IT leaders can be more effective by doing a few things very strategically with the best technology available. It’s the cybersecurity equivalent of the zombie marathon, as long as you can avoid being the slowest in outrunning the zombies, you minimize risk.”

Other results included the fact that only 42% of inbound web traffic and 32% of outbound traffic is encrypted; and of the public-sector organizations that had been attacked in the last 12 months, 43% believed those attacks used encryption to evade detection. Three-quarters (75%) of IT experts surveyed admit malware could steal employee credentials from their networks.

InfoSecurity Magazine
 
