Friday, 09 February 2018 08:34

SSL encrypted threats rose by a third in 2H 2017: claim

By Sam Varghese

Cloud security firm Zscaler claims there has been an increase of 30% in SSL encrypted threats in the last six months of 2017, in keeping with the growth in SSL traffic. The statistics relate only to traffic passing through its own infrastructure.

In terms of figures, this amounted to 800,000 encrypted transactions that were being blocked each day. The first half average was 600,000.

In response to a query from iTWire, a company spokesperson said that while it had observed many instances of genuine certificates involved in phishing attacks and malware delivery, most certificates in malware callback were self-signed.

The company's bi-annual ThreatLabZ research update said attackers were leveraging SSL encrypted channels right through the attack cycle:

  • initial delivery vectors like malvertising, compromised sites, phishing pages, and malicious sites hosted the initial loading page;
  • this led to the exploit and/or malware delivery stage – use of SSL to deliver exploit and/or malware payloads; and
  • call home activity – many prevalent malware families are using the SSL-based command and control communication protocol.

The company said that it had seen a rise of 300% in activity of phishing sites in 2017. Two patterns were found to be more prevalent than others.

One method used a phishing page on a legitimate domain that had been compromised to deliver malware. Another used newly registered domains with similar but incorrect addresses that were programmed to imitate the websites of well-known brands like DocuSign, Microsoft, Apple and Dropbox.

ThreatLabZ also said it had found new malicious payloads that were using SSL/TLS for communication with command and control server activity, including malicious documents, APKs, and executables.

Deepen Desai, senior director of Research and Security Operations, Zscaler, said, “Web properties are quickly adopting SSL/TLS to curb privacy concerns, but without inspection of encrypted traffic, enterprises run the risk of an attack.

“Yet, SSL inspection can cause significant performance degradation on security appliances. These latest findings suggest that a multi-layer defence-in-depth strategy that fully supports SSL/TLS inspection is essential to ensure enterprises are secure.”

Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.