
    More Hackers Building SSL Encryption into Malware, Zscaler Finds

    By Robert Lemos - August 3, 2017
      SSL Malware Threat

      Malware authors and operators are increasingly using Secure Sockets Layer (SSL) encryption to hide their communications and escape detection, with the use of SSL for malware communications doubling in the first six months of 2017, security-in-the-cloud firm Zscaler said in its latest threat report.

      On average, the company has seen 600,000 “encrypted malicious activities” every day, including calling back to command-and-control servers, phishing attempts and malware delivery. About 60 percent of the malicious activities were related to banking Trojans and a quarter related to ransomware, the Zscaler analysis stated.

      “I think we are heading in the direction where SSL will become [a de-facto measure taken by attackers], because it provides an additional layer of security for them to cover the C&C communications,” Deepen Desai, senior director of research for Zscaler, told eWEEK.

      “Even today, they will not do command-and-control over plain text; they will use custom encryption. SSL just adds another layer on top of it.”

      The company found that as many as a quarter of all new malware executables analyzed in its cloud sandbox communicated over SSL and Transport Layer Security (TLS) in 2017.

      Malware authors have always found different ways to hide their programs’ communications, such as using the Tor network or going through covert channels using DNS queries. Yet SSL is a Web standard and so is very common on corporate networks. In 2016, security firm Blue Coat found that malicious SSL activity jumped by a factor of 58.

      Exploit kits, malware, adware and C&C communications have all been observed using SSL encryption to hide the content of the communications. More than 300 Web exploits per day use SSL as part of their infection chain, the company said.

      Zscaler and Blue Coat are not the only companies to see the increasing obfuscation of communications by attackers. On Aug. 3, security firm Kaspersky Lab published an analysis of current trends in steganography, a communications technique that embeds messages or data in other traffic—most often, images.

      The company stated that steganography has become popular with the developers of malware and spyware, but that most anti-malware tools have trouble detecting the payloads.

      “So far, the security industry hasn’t found a way to reliably detect the data exfiltration conducted in this way and the goal of our investigations is to draw industry attention to the problem and enforce the development of reliable yet affordable technologies, allowing the identification of steganography in malware attacks,” Alexey Shulmin, security researcher at Kaspersky Lab, said in a statement.

      Zscaler warned companies that the increase in SSL encryption should prompt firms to focus on inspecting SSL traffic.

      The company also noted other trends in its threat report, including the increase in network-connected devices in the enterprise. Such devices connected to the so-called Internet of Things are often vulnerable to attack. The most common IoT devices are focused on entertainment (30 percent of all devices detected), security (27 percent) and health (13 percent).

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.