Skip to main content
banner image
venafi logo

Most Cyber Attacks Now Use Encryption: Are You Prepared for the Good, the Bad and the Ugly?

Most Cyber Attacks Now Use Encryption: Are You Prepared for the Good, the Bad and the Ugly?

ring of keys
March 22, 2017 | Eva Hanscom

Simply put: the use of encryption is on the rise. Sadly, so is its misuse.

Last year, over 21 million websites obtained security certificates through the Let’s Encrypt program. In addition, at the beginning of 2017, Mozilla announced that half of the web traffic on FireFox was encrypted.

Encryption is a valuable tool for many organizations and individuals. But its very popularity has also made it a valuable tool for cyber criminals, who use encryption to mask malicious behavior.

A new report from Zscaler revealed that 54% of the threats blocked by their product line hid in SSL traffic. In addition, the cloud security company counted 600,000 malicious activities using SSL per day. Zscaler’s research demonstrates a significant rise in encrypted based attacks. For example, an A10 Networks report from last August revealed that roughly 41% of cyber attacks used encryption to evade detection. Now, it’s grown to over half.

There are many reasons for our current encryption boom: from an explosion in the number of IP-enabled devices to growing geopolitical concerns. But simply using encryption is not enough to protect your business. Unfortunately, many organizations are not taking the proper steps needed to protect themselves from encryption-based attacks.


How savvy are you on machine identity protection? Read our Dummies Guide.
 

As cyber criminals become more adept at hiding in SSL traffic, security professionals are struggling to keep their encrypted tunnels free of dangerous traffic. After all, only 29% of security professionals have high levels of confidence in their organizations’ ability to secure and protect encrypted communication.

Ultimately, proper encryption requires consistent protection and visibility. Organizations must inspect and decrypt their traffic on a regular basis in order to catch malicious actors before they take advantage of encrypted systems.

Unfortunately, most security programs were created before encrypted SSL/TLS contributed the majority of network traffic. Integrating security with certificate management is a huge leap forward in the effective inspection of encrypted traffic. And automation streamlines the entire process of encryption monitoring.

Encryption usage, and malicious attacks, will continue to grow in 2017 and beyond. Your organization can’t afford to be left behind.

Are you confident in your ability to thwart attacks hidden in SSL traffic? 
 

Learn more about machine identity protection. Explore now.
 

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

lawyer reading from legal books on a desk, with a scale in the foreground

Do We Trust Governments to Effectively Regulate Privacy? [Ask Security Professionals]

hands reaching out of laptop screen holding ballot box, another person's hand casting a vote
Encryption

Will Encryption Backdoors Hurt Election Infrastructure? Security Professionals Say Yes.

Man standing in front of a cyber-secured world.

What If You Could Guarantee Eliminating Outages in Your Organization?

About the author

Eva Hanscom
Eva Hanscom

Eva is Public Relations Manager at Venafi. She is passionate about educating the global marketplace about infosec and machine-identity issues, and in 2018 grew Venafi's global coverage by 45%.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat