Skip to main content
banner image
venafi logo

Expanding Encryption Attack Surface for Machine Identities [Encryption Digest 61]

Expanding Encryption Attack Surface for Machine Identities [Encryption Digest 61]

June 25, 2021 | Alexa Hernandez

Machine identities have officially become the new frontier of cyber-attacks. Why? Hackers have realized that quietly sneaking in through a “backdoor” (i.e., expired certificate or an ex-employee’s active credentials) has a much higher success rate than direct on a corporate network. In fact, in Verizon’s 2021 Data Breach Investigations Report (DBIR) revealed that 61% of all security breaches involve credentials. And a new report from Zscaler shows a 260% increase in encrypted attacks.

This shift is clear in recent cyber-attacks including the Team TNT Malware Hildegard and the new Linux rootkit dubbed Facefish. What is actually causing these increased instances of cyber-attacks against machine identities, and what can you do to stay alert and secure as the encryption attack surface continues growing more volatile? 

What factors are expanding the encryption attack surface?

The recent surge of attacks that target machine identities can be attributed to several aspects across the ever-changing security landscape. The most obvious of these being the rise of remote work thanks to the coronavirus pandemic. When non-essential workers had to remain home, many secure corporate networks were being accessed by insecure devices on unprotected networks from too many locations to track. Monitoring and securing machines is much easier when they’re all under the same roof. Even with the pandemic slowly coming to an end there is every indication that this trend will continue, with more employees demanding the flexibility and comfort that working from home provides. Be sure to review our data encryption strategies for remote employees to ward off as much of the threat as possible!

Another major shift is the increased adoption of cloud computing, which is expected to grow 20% by the end of 2021. Many IT teams are struggling to keep up with level and configurations of security need for cloud, which is leaving organizations open to attack. Plus, most organizations that have adopted cloud rarely have only one provider. There are best practices for multi-cloud environments you can start utilizing today, but the risk is always there.

Finally, increased utilization of third-party providers is another common source of security holes. When a vast number of different providers all require different levels of network access, it’s too easy for user access to be misconfigured. That’s why frequent users of third parties statistically experience higher cases of cyber-attacks.

Full machine identity visibility and automation is the solution

With the disintegration of the network perimeter, many organizations have shifted to a zero trust security model where identity has become the perimeter—validating and authorizing each distinct connection. As a result, identity security has become a far more complex problem, and the only path forward is a machine identity management program that provides comprehensive visibility, intelligence and automation. Human error has caused too many data breaches to safely rely on manual management.

In that sense, machine identity management and protection go hand in hand. Knowing where your machine identities are located and who’s using them is paramount. With the ever changing landscape, security expert Yana Blachman takes you through a demonstration how the Venafi Threat Model can help you become machine identity threats pro! This in-depth understanding of the encryption attack surface will be critical in defending your organization with the automation and visibility that machine identity management with Venafi provides.

Once you’ve taken time to understand today’s threat landscape, the next step is taking active steps to protect yourself against those threats!

Start your digital transformation today and take control of your machine identities.  

Related Posts

Like this blog? We think you will love this.
Featured Blog

What Is Encryption Key Management?

Why Is Key Manag

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more