Skip to main content
banner image
venafi logo

Attacks on SSL Are on the Rise: Who’s Hiding in Your Encrypted Traffic?

Attacks on SSL Are on the Rise: Who’s Hiding in Your Encrypted Traffic?

attacks on ssl
August 3, 2017 | Emil Hanscom

Simply put: encryption is important. Organizations across the globe use it to protect user privacy, digital assets and critical business components. However, as our adoption of encryption grows, cyber criminals are taking advantage of this larger playing field. Venafi has been particularly vocal about this risk. And now ears are pricking up across the industry.

Zscaler recently released a study on malicious threats that use SSL encryption. According to their research, over half (60%) of the transactions they process are delivered over SSL/TLS. However, the report also revealed Zscaler saw an average of 8.4 million* SSL/TLS-based security blocks per day this year, with 600,000 (7%) containing advanced threats.

Zscaler’s report shows that the volume of malicious content encrypted using SSL/TLS has more than doubled over the past six months. Every day, the cloud security company reports blocking 12,000 phishing attempts delivered over the encrypted protocol, which is a whopping 400% increase over 2016 figures.

The results of Zscaler’s study are very much in line with research Venafi has conducted on the rise of encryption and encryption-based cyber attacks.

Last December, we polled 505 IT professionals that manage keys and certificates in the U.S., U.K., France and Germany. According to our research, 86% of IT professionals saw strong growth in the use of keys and certificates in 2016. In addition, nearly half (49%) expected their key and certificate use would grow by more than 25 percent within the next 12 months.

However, few organizations are actively evaluating their organization’s traffic for encryption-based threats. According to a survey we conducted at RSA Conference 2017, nearly a quarter of the security professionals (23%) had no idea how much of their encrypted traffic was decrypted and inspected.

Overall, organizations are boosting their use of encryption and ignoring the potential risks the technology brings. Unfortunately, there is no excuse for this kind of obliviousness. 90% of CIOs we polled globally in 2016 said they had already been attacked or expect to be by hackers hiding in encryption. This is not an awareness issue; rather it is one about implementation.

Ultimately, Zscaler’s report shows that encryption-based cyber attacks will only continue to grow. It’s imperative for organizations to prepare for these kinds of threats in the future.

Is your organization able to safeguard against an attack that hides in encryption?

Like this blog? We think you will love this.
wildcard certificates
Featured Blog

Wildcard Certificates Make Encryption Easier, But Less Secure

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Emil Hanscom
Emil Hanscom

Emil is the Public Relations Manager at Venafi. Passionate about educating the global marketplace about infosec and machine-identity issues, they have consistently grown Venafi's global news coverage year over year.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more