Spread of Internet encryption creating ‘visibility void’ claims Blue Coat

Posted on by

Large numbers of websites and Internet services are disappearing behind encrypted connections, part of a growing visibility void in which organisations struggle to tell friendly traffic from foe, security firm Blue Coat has argued.

At first sight its an odd perspective because the use of encrypted HTTPS connections by services such as Google, Facebook and Twitter is normally seen as a good thing, which indeed it is. But tolerance of unmonitored traffic is now carving out a space for malevolent traffic to flourish, or so the argument goes.

The problem is that organisations can ignore encrypted traffic and risk letting in malevolent software which also increasingly uses encryption to hide command and control, or disallow it all, making it impossible for employees to visit legitimate sites.

Using figures from Blue Coats customers, 69 percent of traffic to the top 50 most popular websites is now encrypted by default, with Google, Facebook, YouTube, Yahoo and Baidu the top five in that order.

Only mass-market news sites such as ESPN, BBC News, CNN, or Pandora, leave encryption turned off for maximum compatibility. In the UK, the BBC is now the only non-encrypted site in the top ten.

Meanwhile, the growth of cloud services - big users of encryption - is adding to the probability that in time almost all corporate traffic would be invisible.

The tug of war between personal privacy and corporate security is leaving the door open for novel malware attacks involving SSL over corporate networks that put everyones data at risk, claimed Blue Coats chief security strategist, Hugh Thompson.

For corporations to secure customer data and meet regulatory and compliance requirements, they need the visibility to see the threats hiding in encrypted traffic and the granular control to make sure employee privacy is also maintained.

The firm also said that around one in ten of the security requests its researchers received in an average week was now regarding a suspicious website using encryption, equivalent to around 100,000 requests.

It is these dark or unknown sites that underline the need to monitor encrypted channels, he firm said, giving the example of the Dyre malware as only the latest example from a growing list using encrypted channels.

Read the original:
Spread of Internet encryption creating 'visibility void' claims Blue Coat

Related Posts
This entry was posted in $1$s. Bookmark the permalink.