Story image

Encryption: the blindspot in enterprise security

31 Mar 16

Encryption has created a blind spot in organisations’ security framework, according to Ixia.

The company says that while digital encryption technology was initially created to protect data from being read by unauthorised users, unfortunately encryption can also provide cover for hackers who create malware and use encrypted channels to propagate and update that malware.

Stephen Urquhart, general manager ANZ, Ixia, says there are ways to regain this visibility however.

“Secure Sockets Layer, or SSL, is a widely-used cryptographic protocol for encrypting data for web browsing, email, instant messaging, and voice-over IP systems, among other platforms. It is also sometimes used to camouflage malware that has been inserted into a network,” Urquhart explains.

“Once this camouflaged malware is in a network, it can travel from server to server effectively unobserved, giving it the freedom to steal data, release viruses, and install malicious code, or worse, without anyone knowing about it,” he says.

“This presents a major source of concern to businesses, especially considering that by 2017, 50% of malware threats are expected to come from using SSL traffic, according to Gartner.”  

Urquhart says one of the ways to identify encrypted malware threats in the network is for IT teams to do spot checks on their network data to see if there are hidden threats that can be identified and removed.

“Gaining network visibility is key to spotting encrypted threats in the network,” he says.

“So-called network packet brokers (NPBs) that support application intelligence with SSL decryption capabilities are a good solution for this. One of the easiest ways to gain the visibility needed to spot encrypted threats in the network is to deploy an application and threat intelligence processor.”

Urquhart says application intelligence processors can be used to decrypt network packets and identify applications running on a network, as well as the presence of disguised malware.

“An application intelligence processor generally has bi-directional, decryption capability, giving visibility to both encrypted internal and external communications,” he explains.

“This solves one of the biggest challenges for network administrators: complete network visibility, which is precisely what is needed to easily spot encrypted threats.

“The increased adoption of cloud services will result in a continued use of SSL and other encryption protocols, meaning that organisations will need even more visibility into their networks to identify threats and stop them before they become big problems,” Urquhart says.

Cofense launches MSSP program to provide phishing defence for SMBs
SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.