Malware undetected using Transport Layer Security (TLS)

204
SHARE

According to a Sophos report, released this week there is a dramatic year-over-year increase in the use of the Transport Layer Security (TLS) cryptographic protocol. And TLS is a top tool used to secure web communications and application data. But it’s also being widely used now to allow malware operators to avoid detection.

HTTPS can help prevent wiretapping, man-in-the-middle attacks, and the cloning of trusted websites. But it also provides cover for cybercriminals to discretely share information from a website and a server hide-in-plain-sight from malware hunters. 

“It should come as no surprise, then, that malware operators have also been adopting TLS … to prevent defenders from detecting and stopping the deployment of malware and theft of data,” Sophos said.

Transport Layer Security (TLS) used more 

According to Sophos, in February 2020 only 24% of malware had deployed with Transport Layer Security (TLS) for communications. But by 2021, the number has seen more than a 46% increase.