sb-as logo
Story image

Major spike in Malware encryption, Blue Coat finds

Web security specialists Blue Coat is warning enterprises and governments against a ‘significant’ spike in malware hidden in SSL traffic.

According to the company, the rapid adoption of cloud and mobile apps and services is driving an increase in SSL/TLS encrypted traffic as concerns around personal privacy grow.

It says the growing use of encryption is creating perfect conditions for cyber criminals to hide malware inside encrypted transactions.

The advanced threats employ hidden command and control (C&C) channels to execute malicious programmes and exfiltrate proprietary data.

Blue Coat Researchers found a 58 times increase in SSL-cloaked traffic in C&C and a 200 times increase in C&C servers using SSL in 2015, indicating that SSL/TLS will be increasingly used in the future to hide attacks.

As attacks increase exponentially, much of enterprise security infrastructure remains blind to encrypted traffic, Blue Coat says.

“Our researchers’ findings reveal what many have long suspected – that SSL traffic as a primary channel for malware and exfiltration is dramatically increasing,” comments Michael Fey, president and COO, Blue Coat Systems.

“In light of these growing threats, many organisations have realised that the balance between network performance and proper SSL inspection is not as simple as they had been led to believe by many of their network security providers,” he explains.

“By providing dedicated SSL visibility, Blue Coat is helping customers combat security threats hidden in encrypted traffic while preserving the enterprise customers’ priorities like network performance, user privacy and regulatory compliance that organisations today require,” Fey adds.

Story image
Secureworks: Remote working exposes new security vulnerabilities
New vulnerabilities have been exposed as IT teams across the world respond to the ongoing COVID-19 pandemic.More
Story image
Attack from DOS: In Zero We Trust
In combination with malware, DDoS attacks on banks have been used to cause distraction so the transfer of stolen funds goes unnoticed. More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Why best-practice threat data management provides confident automation
Understanding an organisation’s threat landscape requires having both the right threat data sources and the proper prioritisation to derive actionable threat intelligence for your organisation. More
Story image
Businesses left to make decisions based on old, inaccurate data, study finds
"It is more critical than ever that organisations have access to actionable, contextualised, near real-time threat data to power the network and application security tools they use to detect and block malicious actors."More
Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More