As enterprises get better about encrypting network traffic to protect data from potential attacks or exposure, online attackers are also stepping up their Secure Sockets Layer/Transport Layer Security (SSL/TLS) game to hide their malicious activities. In the first half of 2017, an average of 60 percent of transactions observed by security company Zscaler have been over SSL/TLS, the company’s researchers said. The growth in SSL/TLS usage includes both legitimate and malicious activities, as criminals rely on valid SSL certificates to distribute their content. Researchers saw an average of 300 hits per day for web exploits that included SSL as part of the infection chain.
“Crimeware families are increasingly using SSL/TLS,” said Deepen Desai, senior director of security research at Zscaler.
Leave a reply