The Latest in IT Security

Rise in Malware Using Encryption Shows Importance of Network Traffic Inspection

18
Feb
2020
Rise in Malware Using Encryption Shows Importance of Network Traffic Inspection

image credit: pxfuel

The reason is simple: encryption obfuscates malware code, making it difficult to analyze; prevents users from accessing the component files in the event of an infection; and hides and secures the attackers’ malicious network communication. In short, malware encryption makes it harder for traditional defenses to detect and mitigate that malware.

Malware normally collects victim machine data as the first phase of victim reconnaissance. If this data is encrypted before being sent back to the attacker — especially if the destination is a legitimate service (like Pastebin or GitHub) that also normally communicates with encryption — it is less likely to be detected as any form of communication from internal malware to external attacker.

Read More

Comments are closed.

Categories

WEDNESDAY, SEPTEMBER 30, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments