Virtual Graffiti Australia Pty Ltd - Your Source for Technology, Security & Networking Solutions

Cloaking Dirty Deeds: How to Inspect Encrypted Network Traffic

In the constant battle between good and evil in the digital realm, security warriors can’t seem to get a leg up on attackers at times. Even when defenders use tools and techniques intended to work against malicious actors, cyber miscreants pivot and somehow turn them to their own advantage. That’s certainly been the case with encryption.

For years security professionals have used encryption to make their sensitive information valueless to attackers. Threat actors can overcome encryption at times, but they now also encrypt their own activity, which makes their dirty deeds more challenging to identify.

Experts at Trustwave SpiderLabs have seen a significant spike in bad actors using encryption in their malware and attacks. This makes it difficult for the good guys to see what’s going on and take action, says Karl Sigler, senior security research manager at Trustwave SpiderLabs.

“It’s kind of like robbing a bank if you’re invisible,” Sigler says. “If you can’t see it, it’s hard to defend against it.”

Encrypted malicious traffic causes a massive issue for security teams that are used to sniffing their networks to see whether any malicious activity is occurring.

In the full video interview below, Sigler discusses the challenges this presents for security professionals but also advises on what can be done to overcome them.