BlizgBlizgBlizg
  • Business
  • Technology
  • Automobile
  • Software
  • Accessories
  • Apps
  • Security
  • Gaming
  • General
Reading: The Growing Threat of Encrypted Attacks
Share
Sign In
Notification Show More
Aa
BlizgBlizg
Aa
Search
  • Business
  • Technology
  • Automobile
  • Software
  • Accessories
  • Apps
  • Security
  • Gaming
  • General
  • Latest Phones
Have an existing account? Sign In
Follow US
© 2024 Blizg. All Rights Reserved.
Security

The Growing Threat of Encrypted Attacks

admin
Last updated: 2021/12/08 at 4:04 PM
admin
Share
6 Min Read
Encrypted Attacks
SHARE

HTTPS (Hypertext Transfer Protocol Secure) refers to an extension of the Hypertext Transfer Protocol (HTTP), used to make the communication between a server and browser properly secured. It’s a crucial part of the internet that is used for both authenticating an accessed website, and also protecting the integrity and privacy of data exchanged during transit. You can trust it, right?

Contents
From malware to browser exploitsFailure to inspect traffic properlyInvest in the right tools for the job

Unfortunately, as with many critical pieces of internet infrastructure, bad actors are constantly on the lookout for ways they can exploit the good intentions behind HTTPS as a way to cause damage. While HTTPS is the industry standard when it comes to encryption and data protection in transit, it’s not a foolproof solution when it comes to cracking down on bad actors. Malware is able to be transmitted and encrypted with just as much ease as genuine, legitimate files. Picture it like streets in a city: They can be used by emergency services, such as police or ambulances, to help people — but they can also be used by criminals. If, in the case of HTTPS, organizations fail to inspect encrypted traffic, they can leave themselves open to attack.

The problem is also getting worse, not better. This failure by organizations has helped result in a big rise in the number of attacks exploiting HTTPS. For those without the right protective measures, such as a web application firewall (WAF), the effects can be extremely devastating.

From malware to browser exploits

Many types of traffic can make use of HTTPS. The overwhelming majority of attacks that utilize encrypted channels are malware (which can, itself, take multiple forms — such as Ransomware or data exfiltration attempts — depending on what the attacker wants to achieve with it.)

But it could also be used for transmitting ad spyware, phishing attempts, cryptomining attacks (in which machines are taken over for use mining for cryptocurrency), botnets, XSS (cross-site scripting) attacks, webspam, browser exploits, anonymizer attacks, and more.

According to one recent report, HTTPS threats have increased more than 314 percent between January and September this year. In the previous year, threats increased nearly 260 percent, showcasing that 2021’s terrifying activity spike is far from an isolated scenario. Attacks vary depending on industry, with the greatest increase in attack rates being the 23x increase targeting tech companies. These make up more than half of attacks. Other sectors commonly targeted include manufacturing, retail and wholesale, finance and insurance, government, healthcare, and education.

Failure to inspect traffic properly

HTTPS does protect against certain malicious cyber attacks. For example, it safeguards against man-in-the-middle attacks, whereby an attacker inserts themselves into the communication between two parties, enabling them to carry out eavesdropping and possible data tampering. However, it can also be used by attackers to their advantage.

As already noted, many organizations don’t properly inspect encrypted traffic. Part of the reason for this is that encrypted files are more difficult to fingerprint than unencrypted files, meaning that they can more easily evade detection by security teams. Another explanation for not all security teams performing the proper HTTPS introspection comes down to how computationally intensive it can be. Attempts to carry this out at sufficient scale using legacy hardware security tools is virtually impossible. Inspection of HTTPS traffic can also create privacy issues if personal traffic is included in encrypted traffic.

Organizations that are aware of this threat need to ensure that they protect against encrypted exploits. The risk of data being stolen, computer systems being taken over, or myriad other potential “worst case scenario” situations is simply too bad to ignore — and getting worse all the time. It’s high time that organizations rethought their security posture in a way that protects against HTTPS exploits that seek to harm them, regardless of which industry or sector they are operating in.

Invest in the right tools for the job

One valuable tool to have in their arsenal is a web application firewall (WAF) or another firewall that’s able to perform TLS introspection to protect against encrypted malware. WAFs play a critical role when it comes to putting together a comprehensive, fool-proof Web Application and API Protection (WAAP) stack, designed to secure from edge to database. It means that users receive only the traffic that they want to receive. It’s the kind of technology that’s an essential piece of the puzzle to have in a world in which cyber attacks continue to plumb new depths in terms of the damage they can cause.

The best time to have invested in these tools would have been yesterday. Failing that, acting now is the second-best option available to you. It’s far better to invest in them prior to an attack, rather than having to deal with the consequences after the worst happens.

After all, there’s a whole industry of bad actors working overtime to ensure that the “worst that can happen” is even worse than you can possibly imagine.

You Might Also Like

How to Install and Use SUPERAntiSpyware for Maximum Protection

Building a Profitable Business Model with DDoS Protection Services

Flame-Free Living: Essential Tips for Home Fire Prevention

Enhancing The Safety And Privacy Of Your Virtual Office: Some Important Cybersecurity Insights

Keeping Your Company Protected From Data Breaches

admin December 8, 2021 December 8, 2021
Share This Article
Facebook Twitter Copy Link Print
Previous Article Apple TV Plus Ultimate Guide to Apple TV Plus Streaming
Next Article Data Center How A Modern Data Center Can Drive Business Growth
Leave a comment Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

500 Followers Like
112 Followers Follow

Latest News

Fintech
What Does the Future Hold for Fintech in Global Markets?
Business Technology May 12, 2025
Logistics Solutions
How Logistics Solutions Are Transforming E-Commerce Shipping?
Business April 21, 2025
Outsourcing Custom Software
Why Outsourcing Custom Software Development Is the Key to Success
Uncategorized April 20, 2025
Scoopupdates.com
Hidden Gems of ScoopUpdates.com You Might Have Missed
Technology April 9, 2025

Recent Posts

Fintech
What Does the Future Hold for Fintech in Global Markets?
Business Technology
Logistics Solutions
How Logistics Solutions Are Transforming E-Commerce Shipping?
Business
Outsourcing Custom Software
Why Outsourcing Custom Software Development Is the Key to Success
Uncategorized
Scoopupdates.com
Hidden Gems of ScoopUpdates.com You Might Have Missed
Technology

About Us

Blizg website is the perfect companion for you when you are looking out for the Tech Business, Games, Software, Apps & Security tips

Contact us: henrypaul9090@gmail.com

Categories

  • Accessories48
  • Apps37
  • Automobile119
  • Business376
  • Gaming33
  • General26
  • Latest Phones20
  • Security37
  • Software75
  • Technology280
  • Uncategorized8
BlizgBlizg
© 2024 Blizg. All Rights Reserved.
Welcome Back!

Sign in to your account

Lost your password?