Published by Horatio Green. Modified over 8 years ago.
1
Confidential | © A10 Networks, Inc.
When Your Security Measures Become the Threat: The Hidden Dangers of SSL Traffic
February 2016
02242015
2
Agenda
- The Cyber Threat Landscape
- The Need for Encryption
- SSL Usage Trends
- Threats Introduced by SSL Traffic
- How to Protect Against SSL Threats
3
World’s Largest Data Breaches
Impact of a Breach:
- Investigation and notification costs
- Brand damage
- Lost revenue
- Regulatory fines
- Lawsuits
Source: Information Is Beautiful
4
Data Breaches by the Numbers
- Total Cost: $3.79 million average total cost of a data breach
- Individual Cost: $154 cost per lost or stolen record
- Escalating Risk: 23% increase in total cost of a data breach since 2013
Sources: Ponemon Institute, 2015 Cost of Data Breach Study: Global Analysis
5
Top Causes of Large-Scale Breaches
- Malware: 225,000 new malware strains detected per day
- Insider Abuse: 55% of abuse caused by users with legitimate access
- Advanced Persistent Threats: 66% believe their organization will be the target of APT
Sources: PandaLabs Report Q1 2015 | 2015 Verizon Data Breach Investigation Report | Mandiant, a FireEye company
6
Solutions are Failing
Despite $71.1B investment in security
- Next Gen Firewall
- Secure Web Gateway
- Intrusion Detection & Prevention
- Advanced Threat Protection
- SIEM
- Network Forensics
- Data Loss Prevention
- Unified Threat Management
SOURCE: Information Security, Worldwide, 2012-2018, 2Q14 Update, Gartner
7
SSL Traffic Is Increasing…
- In 2013: 25-35%
- In 2016: 67%
- 100%?
Sources: NSS Labs, Sandvine
8
Reasons Why More Organizations Are Encrypting Traffic
- Snowden revelations of NSA snooping
- Disclosures in 2014 that governments were injecting surveillance software in web traffic
- YouTube and Microsoft Live used as conduits to inject malware; both now encrypt traffic
- Google ranks SSL sites higher for SEO
Source: Washington Post
9
Security Experts Agree: SSL Can Create New Risks
SOURCE SANS – Speaker OK. Gartner ask permission for BDM LOGOS
“Bad actors are after our data... and encrypting data is the best way to hide their transfers and malware communications from security devices.”
― J. Michael Butler, SANS Institute
SOURCE: Finding Threats by Decrypting SSL.
10
Cyber Threats Hidden in SSL Traffic
- 67% of Internet traffic will be encrypted by 2016
- 50% of attacks will use encryption to bypass controls by 2017
- 80% of organizations with firewalls, IPS, or UTM do not decrypt SSL traffic
Sources: Sandvine Internet Phenomena Report; “Security Leaders Must Address Threats From Rising SSL Traffic,” 2013
11
Security Infrastructure Inspects Traffic to Stop Attacks
[Diagram labels: Accounting, Engineering, Sales & Marketing; ATP, IPS, Firewall, SIEM, Network Forensics; Alert, Block]
12
Encryption Makes Security Devices Blind to Attacks
[Diagram labels: Accounting, Engineering, Sales & Marketing; ATP, IPS, Firewall, SIEM, Network Forensics; Data Exfiltration, Anomalous Activity, Successful Attack, Undetected Malware]
13
Attacks that Can Hide in SSL Traffic
14
Infiltration and Attacks
- Malvertising delivered over SSL-encrypted Adtech networks: Yahoo malvertising attack
- Malware distributed via social media: Facebook, Twitter, LinkedIn use SSL; Koobface was a multimillion malware campaign that used Facebook
- Malware sent as attachments in email and instant messaging apps: WhatsApp, Snapchat encrypt IM
- DDoS and Web app attacks: Attackers can use SSL to bypass controls or overwhelm servers
15
Data Exfiltration Hidden in SSL
Insider Abuse
- Insiders can send sensitive data through web-based email: Gmail, Yahoo Mail, MS Live encrypt
- Insiders can upload sensitive files to file sharing services: Box, Dropbox, iCloud, OneDrive encrypt data
C&C Communications
- Malware-infected machines communicate to command & control servers via SSL
- China’s APT1, Zeus, Shylock, KINS and CryptoWall malware use SSL
16
How Malware Developers Exploit Encrypted Traffic
Bot Infection Hidden in SSL Traffic
- Drive-by download from an HTTPS site
- Malicious file in instant messaging
- Malicious attachment sent over SMTPS
Data Exfiltration over SSL
- Command and control server communication
- Stolen data sent via email or to cloud storage sites
- Malware receiving C&C updates from social media sites
17
Security Experts Agree: Businesses Must Inspect SSL
“Organizations without traffic decryption plans are blind not only to these new sophisticated attacks but also to any attacks that take place over encrypted connections.”
― Gartner
SOURCE: Security Leaders Must Address Threats From Rising SSL Traffic, Jeremy D’Hoinne, Adam Hills, December 2013, refreshed Jan 2015
“Many current security tools also cannot inspect encrypted traffic, allowing hackers to hide behind the encryption that protects sensitive data.”
― Robert L. Scheier
SOURCE: Six Steps to Stronger Retail Security, Robert L. Scheier
18
SSL Decryption is Critical
- Eliminate Blind Spots
- Detect Advanced Threats
- Empower Your Security Infrastructure
- Prevent Data Breaches
19
SSL Insight Overview
- Client initiates outbound communication
- Traffic is decrypted
- Decrypted traffic is inspected by security solutions
- Data is encrypted
- Secure tunnel is established
- Any data returned is decrypted, inspected and encrypted before reaching the client
[Diagram labels: Client; SSL decryption; Inspection/Protection (IDS, UTM, DLP, Other); Internet; Encrypted, Decrypted, Encrypted; step markers 1-6]
20
SSL Insight – Inline Single Appliance Deployment
- This deployment mode provides SSL visibility to an inline security device
- One partition decrypts SSL traffic and forwards it to security devices
- A second partition encrypts traffic
- L2 deployment
[Diagram labels: Firewall or Inline Security Device; HTTP; SSL; ADP 1; ADP 2; Secure Traffic; Clear Traffic]
21
SSL Insight – Inline and Passive Mode Security Devices
- Open once and inspect multiple times
- Multiple security devices
- Inline (Layer 2) and passive (TAP) mode devices supported on SPAN/Mirror Port
[Diagram labels: Client; SWG (Secure Web Gateway); SSL; HTTP; IPS/Firewall; ATP / SIEM; Secure Traffic; Clear Traffic]
22
Why Customers Choose A10
- All-Inclusive Licensing and Support
- Advanced Security & Networking Features
- Best-in-Class Performance
- Gold Standard for Reliability and Support
- Data Center Efficient Design
- Flexible Cloud Deployment & APIs
23
SSL Insight Benefits
1. Security: Uncover threats concealed in inbound and outbound SSL traffic
2. Performance: Relieves the security gateway and server of SSL tasks
3. Availability: Faster server response time and automatic redundancy
4. Scalability: Scale server and security gateway capacity with integrated load balancing
24
SSL Insight Provides the Visibility You Need
Escalating Risks from SSL Traffic
- Data breaches are costly
- SSL traffic renders security devices ineffective; decrypting SSL traffic slows down firewalls
- To ensure you’re not the next victim, deploy an SSL inspection platform
SSL Insight Value
- Full SSL visibility to uncover attacks and prevent breaches
- 10x More Performance
- Decrypt once and inspect many times with load balancing and flexible explicit and transparent proxy deployment
25
Thank you