Researchers found that nearly half of all malware is being hidden within TLS-encrypted traffic in order to evade detection by security tools.
<p>Organisations should never assume that traffic is safe just because it’s encrypted. For cybercriminals, hiding within encrypted traffic offers the perfect disguise: they know this is a major security gap for organisations since AV tools can’t look inside encrypted tunnels. This gives the bad guys free rein to send malware or other exploits over HTTPS – and as more machines and clouds rely on encrypted traffic, this tactic will become even more popular among cybercriminals.</p>
<p>The best defence organisations have is to inspect all inbound, cross-network, and cross-cloud traffic, and ensure that security tools are able to inspect encrypted traffic to eliminate blind spots. This creates a need for centralised intelligence and automation to ensure that all security tools – such as firewalls, intrusion detection and prevention, or analytics – are fed and updated with all the relevant machine identities to ensure they can inspect all traffic. Otherwise these just become gaping holes in a company’s defence for hackers to exploit.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides experts' comments, analysis and opinion on the latest Information Security news and topics.