With TLS encryption, attackers can use this as a tunnel to hide attacks from legacy packet inspection tools.

​Exactly a year ago, attackers used an advertisement on Yahoo to redirect users to a site infected by the Angler exploit kit. Just weeks before, users were exposed to more malicious software through compromised advertisements that showed up across the web. In total, at least 910 million users were potentially exposed to malware through these attacks. The common thread? The malware was hidden from firewalls by SSL/TLS encryption.
Companies can stop SSL/TLS attacks, however most don’t have their existing security features properly enabled to do so. Legacy network security solutions typically don’t have the features needed to inspect SSL/TLS-encrypted traffic. The ones that do, often suffer from such extreme performance issues when inspecting traffic, that most companies with legacy solutions abandon SSL/TLS inspection.

Source: Can Good Encryption be a Double-Edged Sword for Security in Australia?

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

Leave a Reply