iboss Explores Security Challenges Posed by Encrypted Web Traffic

BOSTON, MA / ACCESSWIRE / July 11, 2019 / In the realm of networks and internet activity, encryption is fully intended to primarily enhance security - not vice versa. iboss, the provider of cloud-based internet security, points out that if left unchecked, hackers and cybercriminals can take advantage of the very same qualities this security is intended to provide. Although encrypted web traffic is essential for an organization’s data and network protection, it also creates separate issues that must be equally addressed. Failing to leverage the benefits of this technology with its inherent risks can result in profound consequences.

As organizations integrate more mobile devices into their networks, data and workflows are no longer restricted to highly secured portions, leading many entities to increase their reliance on encryption to protect their data. This trend has caused its usage to reach a new high, now accounting for over 72 percent of all network traffic. According to Gartner, a leading cyber security research group, more than 80 percent of enterprise web traffic will be encrypted by 2019. There is a downside to this increase however, as over half of malware campaigns will utilize some type of encryption by 2019, Gartner says.

While widespread use of encryption is a good sign for overall network security levels, new challenges in regards to the monitoring of web traffic are also a result. A tool in and of itself, encryption can be used to hide web activity and malware from detection - whether for normal or malicious traffic. Cybercriminals are certainly keen to this notion, using it to their advantage in order to hide their presence and evade detection when delivering malware, ransomware, trojans, or extracting stolen data. The result is a corresponding rise in nefarious internet activity alongside increased encryption use by the general public and most businesses.

For network security teams, this is not an easy problem to address. Actively examining encrypted traffic in real-time is CPU-intensive, placing a massive strain on the device, which then renders it nearly useless in terms of performance. The result is much of today’s encrypted traffic bypassing evaluation, and thus being exploited by cybercriminals. There are no signs of this traffic slowing down, and all industry estimates indicate an increasing rise in encryption usage going forward. iboss strongly advises organizations to address this complex challenge before it becomes critical. Allowing uninspected traffic to flow freely through networks can generate a number of problems for not only a company’s internal network, but also risk confidential data and customer privacy.