Does SSL enable surveillance?

David Holmes, World Wide Security Evangelist, F5 Networks.

Millennials grew up with the internet and expect it to be there all the time. They also expect all of their online activity to be secure and private, and they commonly use encryption protocols like Secure Sockets Layer (SSL) to ward off prying eyes.

But as this generation makes its way into the workforce, employers have to come up with ways to handle the various kinds of malware employees can potentially bring into the organisation. What we have on our hands is a potential collision between Millennials and other privacy activists on one side and malware on the other, with employees, authorities and governmental agencies around the world watching from the side-lines.

During my recent visit to South Africa for F5 Networks’ Tech Xchange event, I outlined some of the strategies that organisations can put in place to boost application security and mitigate potential threats. Malware has emerged as the most powerful tool for targeted data exfiltration – used particularly when an attacker is after something like intellectual property or outright currency. While it used to be difficult to get the malware into the organisation, the same SSL that Millennials use to protect their surfing habits allows the malware to enter the business undetected.

This most commonly occurs when employees click on links in malicious emails, which then install custom malware onto the device and allow the attacker to control the user’s computer, map their network and, ultimately, access sensitive data. Similarly, the threat posed by distributed denial of service (DDoS) attacks is also ever-growing and continues to be a topic of concern for businesses.

Recent research has shown that South African businesses, much like their international counterparts, face unprecedented threat levels as a result of increases in cyber-attacks. In the first quarter of 2014, Kaspersky Labs research detailed that Algeria had the highest incidence of both web-based threats and local threats – from USBs, CDs and DVDs, etc – in Africa. South Africa experienced more than 4.6 million cyber-attacks and malware infections on computers and mobile devices during the period. This accounts for roughly 10% of the total attacks that occurred across the continent.

One such attack occurred in October 2013, when payment card systems at various shops, restaurants and hotels across South Africa were the victims of a significant cyber-fraud attack. The attackers used a variant of the malware dubbed Dexter, which is used to create cloned cards from information that is extracted when the card’s magnetic stripe is scanned at a point-of-sale machine. The attack resulted in losses of roughly R10 million.

These threats force organisations to invest in the deployment of solutions that transparently crack open internet connections and actively block malware. Ultimately, monitoring is becoming ubiquitous.

We place a great deal of faith in SSL, but that faith is clearly misplaced. As the scope of all this monitoring comes to light, internet privacy and net neutrality could become the next hot topics for activist Millennials.

By David Holmes, evangelist for F5 Networks’ security solutions