By Kevin Townsend on February 18, 2020
The criminal use of encryption to hide malware is growing rapidly. In the first half of 2019 the use of encryption by malware almost equaled the entire encrypted volume of 2018, and is not likely to slow. Today, nearly a quarter of malware communicates using TLS.
The reason is simple: encryption obfuscates malware code, making it difficult to analyze; prevents users from accessing the component files in the event of an infection; and hides and secures the attackers' malicious network communication. In short, malware encryption makes it harder for traditional defenses to detect and mitigate that malware.