Natilik Blog

Cisco ENA - Decrypt the Encrypted without Decrypting it

Written by rtempest | Aug 22, 2017 9:53:10 AM

Sending and receiving sensitive information has always been a challenge, no matter which end of the exchange you sit on. I often refer to receiving encrypted messages from my bank. I get an alert that I have a message waiting for me. I go online, then spend the next 25 minutes struggling to remember a password, a memorable date and a 4-digit PIN code. I'm lucky if I make it through.

If I do get in, I must admit, it does provide a real sense of achievement, for I have accessed my own bank account (smug), on my own, remembering not just 1, but 3 key bits of information. Take that N**w*st.

I then navigate my way to the 'messages' section where my alert is waiting for me. You can probably sense the anticipation and excitement building. Alas, the feeling doesn't last long, and I get overwhelmed by a sense of crushing demoralisation when I see the words "To continue to enter your Card into the Card Reader".

I guess what I'm saying is that encryption can be painful, but it's not just the end users that feel the impact; the banks have it tough too.

You can't point the blame at them. They're using encryption as a means of protecting our data, but the problem, as you can see, is the detrimental impact on the customer experience. Finding the usage balance is often a headache for the Infosec teams I speak to.

HIDING MALWARE IN ENCRYPTED TRAFFIC IS A BIT LIKE STICKING ON A FAKE MOUSTACHE AT THE CHECKPOINT

Whilst we're feeling sorry for them, let me tell you that banks, similar businesses, and anyone else using encryption now face an added challenge. Hackers are now exploiting encryption as a means of delivering malware. They have discovered that hiding malware in encrypted traffic is a bit like sticking on a fake moustache at the checkpoint. So providers now face a bigger problem: do we let them through, or do we stop and inspect them and risk a delay?

So how do we get around this predicament?

The most common method is to simply employ huge teams of cyber security experts who can manually decrypt each and every packet of information, inspect it for malware using a plethora of software applications, re-encrypt it, then send it on to its destination.

IN THE DIGITAL AGE, TIME REALLY IS MONEY

You can probably guess the issues. Time and money, or one the result of the other. Well, in the digital age, time really is money, and so previous methods are no longer suitable.

The alternative, of course, would be to stop encrypting as much traffic or just let the fake wigs and glasses through. Sadly, the hackers have got this one covered too!

ROCK AND A HARD PLACE

There is now another way.

Ladies and Gentlemen, please welcome to the stage, the Network. Intuitive, from Cisco.

Whilst the name of this new protagonist of the Enterprise Networking theatre will remain forever grammatically incorrect, it is rather relevant.

ENCRYPTED NETWORK ANALYTICS

Cisco has just released a series of components that utilise what's being dubbed ‘Encrypted Network Analytics’. This game-changing new feature will allow IT and InfoSec teams to analyse encrypted traffic using inbuilt Cisco Threat Intelligence capabilities. This new-age machine learning informs the network of possible malware signs without going fully 'under the hood', as it were. This means that we can still utilise encryption, but automate processes to significantly decrease inspection times. What's more, with Cisco seeing the second largest amount of internet traffic outside of Google, this intelligence is only going to increase.

Pretty awesome.

If you want to find out whether ENA has a role in your next security production, then click here to find out more, or if you're keen to chat to an expert, then get in contact here.