The Latest Trustwave News
Product and Solution Information, Press Releases, Announcements
|Cloaking Dirty Deeds: How to Inspect Encrypted Network Traffic|
|Posted: Thu Sep 12, 2019 01:44:57 PM|
In the constant battle between good and evil in the digital realm, security warriors canít seem to get a leg up on attackers at times. Even when tools and techniques that are intended to work against malicious actors are used, cyber miscreants pivot and somehow use it for their advantage. Thatís certainly been the case with encryption.
For years security professionals have used this method to their advantage to make their sensitive information valueless for attackers. Although threat actors can overcome encryption at times, they now encrypt their activity, making it more challenging to identify their dirty deeds.
Experts at Trustwave SpiderLabs have seen a significant spike in bad actors using encryption in their malware and attacks. This makes it difficult for the good guys to see whatís going on and take action, says Karl Sigler, senior security research manager at Trustwave SpiderLabs.
ďItís kind of like robbing a bank if youíre invisible,Ē Sigler says. ďIf you canít see it, itís hard to defend against it.Ē
Encrypted malicious traffic causes a massive issue for security teams that are used to sniffing out networks to see if any malicious activity is occurring.
In the full video interview below, Sigler discusses the challenges this presents for security professionals but also advises on what can be done to overcome them.