The encryption used in email messaging and secure web connections could allow virus writers to easily transmit viruses without being detected, according to a new report.
Researchers at anti-virus company Kaspersky Labs wrote in a report, entitled "Secure connections: how secure are they?", that the term "secure connection" is misleading and gives users a false sense of security as while the connection may be encrypted the data contained within could be harmful to corporate networks and user's computers.
The report said that neither firewalls, intrusion prevention systems nor anti-virus products can protect against viruses carried in a secure connection encrypted using PGP or SSL.
"Standard solutions protect computers against threats present in standard network connections, but aren't able to counter threats present in secure connections," said the report's authors. "Verifying the contents of a secure connection is impossible by virtue of its secure nature."
The researchers said that as a result, malicious data within secure channels can cause a significant amount of damage, and sometimes more than if it were to be transmitted via a standard, non-secure connection.
The researchers gave one example of webmail that offer access via a secure connection. If a virus writer sends a malicious payload to a victim, neither the webmail's anti-virus, which hasn't been updated nor will an anti-virus product on the victim's computer detect the virus as it will be encrypted in transmission. This would result in the victim's email database being deleted as it is often impossible to disinfect it.
The researcher said that users accessing secure web servers carrying a virus on a web page would not be able to detect a virus with their anti-virus product would not be able to read the encrypted data.
"Special methods have to be used in order to provide total protection against network threats," said the authors. "Another solution found by anti-virus manufacturers involves traffic verification."
Author: Rene Millman
Secure connections could allow viruses to proliferate