Encryption is a valuable tool for many organizations and individuals. But its very popularity has also made it a valuable tool for cyber criminals, who use encryption to mask malicious behavior.
A new report from Zscaler revealed that 54% of the threats blocked by their product line hid in SSL traffic. In addition, the cloud security company counted 600,000 malicious activities using SSL per day. Zscaler’s research demonstrates a significant rise in encrypted based attacks. For example, an A10 Networks report from last August revealed that roughly 41% of cyber attacks used encryption to evade detection. Now, it’s grown to over half.
As cyber criminals become more adept at hiding in SSL traffic, security professionals are struggling to keep their encrypted tunnels free of dangerous traffic. After all, only 29% of security professionals have high levels of confidence in their organizations’ ability to secure and protect encrypted communication.
Ultimately, proper encryption requires consistent protection and visibility. Organizations must inspect and decrypt their traffic on a regular basis in order to catch malicious actors before they take advantage of encrypted systems.
Unfortunately, most security programs were created before encrypted SSL/TLS contributed the majority of network traffic. Integrating security with certificate management is a huge leap forward in the effective inspection of encrypted traffic. And automation streamlines the entire process of encryption monitoring.
Encryption usage, and malicious attacks, will continue to grow in 2017 and beyond. Your organization can’t afford to be left behind.
Are you confident in your ability to thwart attacks hidden in SSL traffic?