C&C using SSL to hide malware increased by 200 times - report

A research report discovered command and control servers (C&C) that use SSL to disguise malware increased by 200 times last year.
A research report discovered command and control servers (C&C) that use SSL to disguise malware increased by 200 times last year.

As much as encryption is an essential tool for securing individual and corporate data, security professionals continue to find that the rising use of encryption cuts both ways – it is as easily used by cybercriminals as it is by enterprises. A research report discovered command and control servers (C&C) that use SSL to disguise malware increased by 200 times last year.

The researchers also found that SSL-cloaked traffic in C&C increased by 58 times. In a release, enterprise security solutions provider Blue Coat Systems said the research indicates “that SSL/TLS will be increasingly used in the future to hide attacks.”

“Our researchers' findings reveal what many have long suspected – that SSL traffic as a primary channel for malware and exfiltration is dramatically increasing,” Blue Coat Systems president and COO Michael Fey said, in a statement. “In light of these growing threats, many organizations have realized that the balance between network performance and proper SSL inspection is not as simple as they had been led to believe by many of their network security providers.”

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS