Hackers hide in your encrypted traffic

The downside of encrypted traffic is that it makes attacks harder to detect
  • Over half of web traffic is now encrypted, according to the Electronic Frontier Foundation (EFF). This is a welcome development since it guards against eavesdropping and tampering with content as it transits between device and server.
  • This is largely thanks to Google who have been pushing to make the secure https protocol ubiquitous. They incentivised the uptake of https by making encryption a ranking factor for their search results.
  • However, the obvious downside is that hackers can now too encrypt attacks, making them harder to see amidst a haystack of encrypted traffic.
  • Attacks using two common encryption protocols, Secure Sockets Layer (SSL) and Transport Layer Security (TLS), have been rising.
  • SSL or TLS attacks affected some 39% of organizations in 2016 and only a quarter said they could effectively detect and prevent them.
  • Additionally, recent research suggests there were twice as many encrypted malware payloads in the first half of 2017 than in all of 2016.
  • Identifying attacks such as these can drain resources because encrypting and re-encrypting SSL traffic to locate attacks can clog up the network and application infrastructures.
  • Such attacks can be mitigated by maintaining high visibility, implementing service chaining, making traffic inspection flexible, keeping SSL traffic inspection secure and using an SSL traffic inspection solution that seamlessly scales with rises in traffic.
  • By culling the malicious traffic from genuine traffic, users are unaffected and attacks are stopped in their tracks.

So you Think Shes Cheating on You - Put Your Mind at Rest With FlexiSPY (728x90)

Be the first to comment

Leave a Reply

Your email address will not be published.