A new study recently published by A10 Networks has highlighted the danger of hidden threats in encrypted traffic, and how important it is for organizations to inspect encrypted packets.
The A10 Networks study was conducted by the Ponemon Institute on 1,023 IT security professionals based in Europe and North America. The majority of respondents were from the financial sector, healthcare industry and public sector organizations.
Questions were asked about the data breaches that had been experienced during the past 12 months, the causes of those breaches, and opinions were sought on the cybersecurity measure that had been employed and their effectiveness.
80% of respondents said their organization had experienced a cyberattack during the past 12 months, and three quarters of respondents said that malware could be used to steal employee credentials. 41% of respondents said that hidden threats in encrypted traffic had caused data breaches at their organization.
Inspecting encrypting traffic is important if data breaches are to be prevented, but that is easier said than done of course. IT professionals are aware that hackers are now using encryption to evade detection, but inspecting encrypted traffic is something of a challenge.
The study investigated why organizations are failing to inspect SSL packets. Three main reasons were identified. 47% of organizations said that encrypted traffic is not decrypted and inspected because their organizations do not have the appropriate security tools. 45% of respondents said they lacked the resources, and 45% said that checking for hidden threats in encrypted traffic would result in severe network performance issues. 53% of survey respondents said their cybersecurity solutions are collapsing as a result of SSL bandwidth demands.
While SSL encryption is important to prevent hackers from viewing data, encryption is now being used by hackers to prevent organizations from identifying malware. Many of the security tools used to protect networks are incapable of inspecting encrypted traffic.
Around two thirds of respondents said their organization was unprepared to detect malicious SSL traffic. The majority of respondents said they expected hackers to increase the use of encryption to hide malware in the future.
Raising awareness of the hidden threats in encrypted traffic is the first step. Doing something about those threats may be difficult, but if action is not taken, data breaches will occur.
According to Dr. Chase Cunningham, director of cyber operations at A10 Networks, “IT decision makers need to think more strategically.” Cunningham said, “IT leaders can be more effective by doing a few things very strategically with the best technology available. It’s the cyber security equivalent of the zombie marathon — as long as you can avoid being the slowest in outrunning the zombies, you minimise risk.”