sb-au logo
Story image

Major spike in Malware encryption, Blue Coat finds

Web security specialists Blue Coat is warning enterprises and governments against a ‘significant’ spike in malware hidden in SSL traffic.

According to the company, the rapid adoption of cloud and mobile apps and services is driving an increase in SSL/TLS encrypted traffic as concerns around personal privacy grow.

It says the growing use of encryption is creating perfect conditions for cyber criminals to hide malware inside encrypted transactions.

The advanced threats employ hidden command and control (C&C) channels to execute malicious programmes and exfiltrate proprietary data.

Blue Coat Researchers found a 58 times increase in SSL-cloaked traffic in C&C and a 200 times increase in C&C servers using SSL in 2015, indicating that SSL/TLS will be increasingly used in the future to hide attacks.

As attacks increase exponentially, much of enterprise security infrastructure remains blind to encrypted traffic, Blue Coat says.

“Our researchers’ findings reveal what many have long suspected – that SSL traffic as a primary channel for malware and exfiltration is dramatically increasing,” comments Michael Fey, president and COO, Blue Coat Systems.

“In light of these growing threats, many organisations have realised that the balance between network performance and proper SSL inspection is not as simple as they had been led to believe by many of their network security providers,” he explains.

“By providing dedicated SSL visibility, Blue Coat is helping customers combat security threats hidden in encrypted traffic while preserving the enterprise customers’ priorities like network performance, user privacy and regulatory compliance that organisations today require,” Fey adds.

Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Average cost of insider attack $2 million - Bitglass
A report has found 61% of companies had an insider attack in past year.More