Network encryption is a security best practice as it protects the privacy and confidentiality of network traffic as it travels from source to destination. While this can be beneficial, security professionals understand that network encryption can also be used for malicious purposes. Cyber-criminals and hackers can use encrypted channels to hide reconnaissance activities, malware distribution, and command-and-control traffic alongside benign SSL/TLS sessions. By encrypting their malicious actions, hackers are able to circumvent traditional network security tools used for packet filtering, traffic inspection, and advanced threat detection/prevention that can only examine unencrypted network packets. The dilemma is also exacerbated by the fact that advanced persistent threats (APTs) are increasingly using non-standard ports - beyond HTTPS/web on tcp port 443 - to infiltrate organizations and confiscate proprietary data. CISOs must also realize that this threat will only increase as organizations encrypt more and more of their overall network traffic.
Download this survey to learn:
- How organizations are vulnerable to cyber-attacks through encrypted channels;
- What potential threats lie within encrypted traffic;
- Challenges associated with the inspection of encrypted network traffic.