Study Reveals Hackers Increasingly Use Encryption to Hide Criminal Activity

Chances are your company, like many others, is using encryption to ensure the privacy of your data. However, as it turns out, cyber criminals have become adept at covering up breaches using the same technology, according to a study that was recently released.

In fact, encryption has been used to disguise the malware in nearly half of cyber attacks during a 12-month period, the study conducted by the Ponemon Institute and A10 Networks revealed. That’s presents a significant problem because SSL encryption allows the malware to go undetected by many security tools.

The study, which is called The Hidden Threats in Encrypted Traffic, helps organizations “better understand the risks to help them better address vulnerabilities in their networks,” said Ponemon Institute chairman Larry Ponemon.

The research included feedback from more than 1,000 IT and IT security practitioners based in the United States, Canada, Europe, Africa and the Middle East. Of those polled, 80 percent said their companies had experienced a cyber attack within the past year. About 50 percent said that encryption had been used as a way to avoid detection.

Study Reveals Hackers Increasingly Use Encryption to Hide Criminal ActivityMany of the companies — about 65 percent — also said that their companies were not equipped to detect malicious SSL traffic. They cited reasons ranging from insufficient skills and resources (45 percent) to the absence of enabling security tools (47 percent).

Software-based encryption making inroads

While there are concerns about hackers using encryption, innovations are underway to advance the technology, according to Now that data center workloads are migrating to the cloud, there’s an increasing need to encrypt data both in motion and at rest, the report said.

As a result, more infrastructure platforms will be available with encryption that’s built in and is continuously on.

Want to learn why EMP shielding, FedRAMP certification, and Rated-4 data centers are important?

Download our infographic series on EMP, FedRAMP, and Rated-4!


Alex Carroll

Alex Carroll

Managing Member at Lifeline Data Centers
Alex, co-owner, is responsible for all real estate, construction and mission critical facilities: hardened buildings, power systems, cooling systems, fire suppression, and environmentals. Alex also manages relationships with the telecommunications providers and has an extensive background in IT infrastructure support, database administration and software design and development. Alex architected Lifeline’s proprietary GRCA system and is hands-on every day in the data center.