View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 6, 2014

HTTPS creates blind spot for hackers

Inability to view SSL traffic means hackers can enact simple malware attacks unchecked.

By Jimmy Nicholls

A lack of visibility into SSL traffic is creating security risks around encrypted HTTPS web connections, according to the security company Blue Coat Systems.

The firm warned that the cover provided by the security layer of "always on" HTTPS connections, used by the likes of Google, Amazon and Facebook, means that hackers can enact simple malware attacks without fear of getting caught in what is said to be a growing problem for business

Hugh Thompson, chief security strategist for Blue Coat, said: "The tug of war between personal privacy and corporate security is leaving the door open for novel malware attacks involving SSL over corporate networks that put everyone’s data at risk.

"For corporations to secure customer data and meet regulatory and compliance requirements, they need the visibility to see the threats hiding in encrypted traffic and the granular control to make sure employee privacy is also maintained."

Blue Coat added that the trojan Dyre, recently thought to have targeted users of the software vendor Salesforce, was making use of the encryption blind spot with the capacity to steal banking information, health data, and intellectual property.

At the end of last year SSL web traffic accounted for 15-25% of the total, according to the research firm Gartner. By 2017 half of network attacks against businesses are expected to bypass controls through traffic encryption.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.