You can’t fight what you can’t see.
Cliché as it may sound, cybercriminals are using organizations’ lack of network visibility as a cornerstone for their attack strategies. Savvy threat actors are encrypting their malware payloads to cloak attacks and defeat standard security controls.
At RSA Conference 2018 in San Francisco, SonicWall president and CEO Bill Conner spoke with TechRepublic about the rapidly changing cyber arms race and the need to properly detect and inspect encrypted traffic, which made up 68 percent of all web traffic in 2017 — a 24 percent year-over-year increase from 2016.
“In Q1, you see a dramatic increase in malware and ransomware. We’re also seeing a dramatic increase in SSL encryption, and encryption being used to carry malware,” Conner told TechRepublic.
As Conner discussed, the 2018 Cyber Threat Report illustrated these challenges. But the threat landscape changes rapidly. In the first quarter of 2018 alone, the average SonicWall customer faced:
- 7,739 malware attacks (151 percent increase over Q1 2017)
- 173 ransomware attacks (226 percent increase over Q1 2017)
- 335 encrypted threats (403 percent increase over Q1 2017)
By investing in updated solutions, and enabling SSL/TLS inspection capabilities, organizations can have the best of both security and performance. Many next-generation firewalls — like the SonicWall NSa series, for example — include DPI-SSL capabilities. However, these critical controls aren’t always activated or implemented properly, so it’s important to confer with your cyber security vendor or managed security services provider (MSSP) that you have the ability to decrypt and inspect SSL and TLS traffic.
Guidance on stopping encrypted cyber attacks
If you choose not to inspect encrypted traffic — or if your firewall is limited in its ability to do so — you are truly missing a critical value of your firewall.
It is possible for organizations to enjoy the security benefits of SSL/TLS encryption without providing a hidden tunnel for attackers.
For practical guidance on implementing SSL and TLS decryption and inspection abilities, review “Encrypted Cyber Attacks: Real Data Unveils Hidden Danger within SSL, TLS Traffic” or watch the on-demand webcast, “Technical Deep Dive on how to Defeat Encrypted Threats with SonicWall DPI-SSL Technology.”