Happy Halloween: Bad Cyber Security is Scary
October 28, 2015 No CommentsFeatured article by Blue Coat
National Cyber Security Awareness Month and Halloween are both in October. Coincidence? Maybe. But, executives do have a lot to fear when it comes to cyber security.
While many executives and IT teams are working hard to keep the bad actors out, there are still A LOT of vulnerabilities out there dressed up as the good guys. Today many agencies are being fooled by cyber threats hiding in plain sight – disguised in Secure Sockets Layer (SSL) traffic.
To identify hidden threats to the business, enterprises need complete visibility into encrypted traffic. In this slideshow, Blue Coat takes your through the haunted maze of encrypted traffic, with tips around how to spot cyber threats dressed up as SSL, so enterprises can eliminate the tricks to enjoy the treats.
Cyber Attacks: Something Wicked This Way Comes
Research shows that the growing use of encryption to address privacy concerns is creating perfect conditions for cyber criminals to hide malware inside encrypted transactions, and even reducing the level of sophistication required for malware to avoid detection. The use of encryption across a wide variety of websites—both business and consumer – is increasing as concerns around personal privacy grow. In fact, eight of the top 10 global websites, as ranked by Alexa, deploy SSL encryption technology throughout all or portions of their websites.
Ghouls and Critters in Unseen Annexes
While a benefit for privacy purposes, the blanket use of encryption means that many businesses are unable to govern the legitimate corporate information entering and leaving their networks, creating a growing blind spot for enterprises. This growing visibility void also creates opportunities for attackers to deliver malware directly to users, bypassing network security tools.
A Fright in the Night
The lack of visibility into SSL traffic represents a potential threat especially given the fact that benign and hostile uses of SSL are indistinguishable to many security devices. Unfortunately, full coverage of the enterprise network with best-of-breed traffic inspection is beyond the capabilities of many enterprises, as Gartner points out. Gartner predicts that, in 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls.
The White Knight in Shining Armor
Knowing that no one wants to stop encrypting traffic, enterprises need a way to prevent threats that are being delivered through encrypted traffic, or use encrypted channels to hide information exfiltration. The good news is that maintaining the privacy of employee personal information and adhering to compliance regulations is possible, while still protecting the enterprise from unwanted intrusions and threats. Encrypted Traffic Management (ETM) allows organizations to protect stakeholders by being smart about what is seen and what is not. Encryption isn’t the enemy – it protects your business, customers and employees.
See What’s Lurking in Network Traffic
The malware, phishing attacks and other cyber threats that hide in SSL traffic are scary, but ETM removes the fear. With ETM, enterprises have the ability to see what’s lurking in network traffic and stop the threat before it causes damage. ETM also improves an agency’s compliance efforts and helps them maintain data privacy. Blue Coat’s Encrypted Traffic Management (ETM) Ready Program, which has recently grown to 17 partners, helps customers expose and combat threats hiding in encrypted traffic. Keeping the ghosts away, while ensuring compliance.