Authors: Jason Pappalexis and Jayendra Pathak

Publish Date: December 12, 2016

Encrypted communications bypass enterprise security controls for a number of reasons, including concern over latency during scanning, the need for privacy, and even misconfiguration of the security controls themselves. If an encrypted channel is not scanned and controlled, it becomes the perfect vehicle for hiding malware downloads and command-and-control (C&C) communication, and for exfiltrating data from an unsuspecting endpoint. Once an endpoint is infected, malware can open additional encrypted channels to spread the infection.

The second in a series on the encrypted web, this brief investigates the increasing use of encryption for covert communication and looks at well-known attacks that utilize encryption.