SSL/TLS Encryption Tempting Target for Hackers

The growth of SSL/TLS encryption to protect end-to-end communications over the Internet is a positive trend, but like many security advances, it has emerged as a tempting target for hackers.

Exploiting SSL or TLS encryption, skilled attackers can evade intrusion prevention systems (IPS) and anti-malware inspection systems. This tactic was used in a brazen malvertising campaign last summer to expose as many as 900 million Yahoo users to malware by redirecting them to a site that was infected by the Angler exploit kit.

There has been a sharp rise in the use of HTTPS, mainly because of Google’s HTTPS Everywhere initiative, which is working toward the goal of ensuring all communications are secure by default. Federal regulations and industry standards also mandate the use of HTTPS for at-risk sectors such as healthcare, financial and retail.

The good news is that businesses can realize the security benefits of SSL/TLS encryption without providing a tunnel for attackers. In addition to general security best practices like keeping all operating systems and software updated, businesses can upgrade to a next-generation firewall that supports Deep Packet Inspection of Secure Socket Layer (DPI-SSL).

Essentially, DPI technology examines encrypted HTTPS and other SSL-based traffic. The traffic is decrypted transparently, scanned for threats, and then re-encrypted and sent along to its destination. If threats or vulnerabilities are found, the traffic is blocked.

DataLink can assist with all your security and compliance needs. Contact us today at 410.729.0440 or sales@DataLinkTech.com.