Skip to main content
banner image
venafi logo

Most Cyber Attacks Now Use Encryption: Are You Prepared for the Good, the Bad and the Ugly?

Most Cyber Attacks Now Use Encryption: Are You Prepared for the Good, the Bad and the Ugly?

ring of keys
March 22, 2017 | Emil Hanscom

Simply put: the use of encryption is on the rise. Sadly, so is its misuse.

Last year, over 21 million websites obtained security certificates through the Let’s Encrypt program. In addition, at the beginning of 2017, Mozilla announced that half of the web traffic on FireFox was encrypted.

Encryption is a valuable tool for many organizations and individuals. But its very popularity has also made it a valuable tool for cyber criminals, who use encryption to mask malicious behavior.

A new report from Zscaler revealed that 54% of the threats blocked by their product line hid in SSL traffic. In addition, the cloud security company counted 600,000 malicious activities using SSL per day. Zscaler’s research demonstrates a significant rise in encrypted based attacks. For example, an A10 Networks report from last August revealed that roughly 41% of cyber attacks used encryption to evade detection. Now, it’s grown to over half.

There are many reasons for our current encryption boom: from an explosion in the number of IP-enabled devices to growing geopolitical concerns. But simply using encryption is not enough to protect your business. Unfortunately, many organizations are not taking the proper steps needed to protect themselves from encryption-based attacks.

How savvy are you on machine identity management? Read our Dummies Guide.

As cyber criminals become more adept at hiding in SSL traffic, security professionals are struggling to keep their encrypted tunnels free of dangerous traffic. After all, only 29% of security professionals have high levels of confidence in their organizations’ ability to secure and protect encrypted communication.

Ultimately, proper encryption requires consistent protection and visibility. Organizations must inspect and decrypt their traffic on a regular basis in order to catch malicious actors before they take advantage of encrypted systems.

Unfortunately, most security programs were created before encrypted SSL/TLS contributed the majority of network traffic. Integrating security with certificate management is a huge leap forward in the effective inspection of encrypted traffic. And automation streamlines the entire process of encryption monitoring.

Encryption usage, and malicious attacks, will continue to grow in 2017 and beyond. Your organization can’t afford to be left behind.

Are you confident in your ability to thwart attacks hidden in SSL traffic? 

Learn more about machine identity management. Explore now.

Like this blog? We think you will love this.
Featured Blog

How DoS/DDoS Attacks Impact Machine Identity, Digital Certificates

For safe and secure utilization of machine identities such as SSL/TLS cer

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Emil Hanscom
Emil Hanscom

Emil is the Public Relations Manager at Venafi. Passionate about educating the global marketplace about infosec and machine-identity issues, they have consistently grown Venafi's global news coverage year over year.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more