Trustwave Blog

Cloaking Dirty Deeds: How to Inspect Encrypted Network Traffic

Written by Marcos Colón | Sep 12, 2019

In the constant battle between good and evil in the digital realm, security warriors can’t seem to get a leg up on attackers at times. Even when tools and techniques intended to work against malicious actors are used, cyber miscreants pivot and somehow use them to their advantage. That’s certainly been the case with encryption.

For years, security professionals have used this method to their advantage to make their sensitive information valueless to attackers. Although threat actors can overcome encryption at times, they now encrypt their activity, making it more challenging to identify their dirty deeds.

Experts at Trustwave SpiderLabs have seen a significant spike in bad actors using encryption in their malware and attacks. This makes it difficult for the good guys to see what’s going on and take action, says Karl Sigler, senior security research manager at Trustwave SpiderLabs. 

“It’s kind of like robbing a bank if you’re invisible,” Sigler says. “If you can’t see it, it’s hard to defend against it.”

Encrypted malicious traffic causes a massive issue for security teams that are used to sniffing out networks to see if any malicious activity is occurring.

In the full video interview below, Sigler discusses the challenges this presents for security professionals but also advises on what can be done to overcome them.


Interested in learning more about what our elite cybersecurity team can do to assist in further protecting your business? Here's more on the Trustwave SpiderLabs team.

Marcos Colón is the content marketing manager at Trustwave, and a former IT security reporter and editor.