Skip to main content

Encrypted communications can be decrypted in real-time

Security firm Bitdefender has some troubling news regarding our encrypted communications. As it turns out, they're not so secure as we thought.

The company developed a new technique, named TeLeScope, which allows attackers to decrypt communications in real-time, without leaving any digital footprint. It can be traced only by 'extremely careful security auditors'.

The technique allows anyone to eavesdrop on communications encrypted with the Transport Layer Security (TLS) protocol, between the end-user and a virtualised instance of a server. It is only effective against such virtualised environments running on top of a hypervisor, but Bitdefender says that’s not much of an issue, knowing they’re provided by the likes of Amazon, Google, Microsoft and DigitalOcean.

In the press release following the discovery, Bitdefender says that it might have discovered this technique, but it doesn’t necessarily have to mean it was the first one. Companies outsourcing their virtualised infrastructure should assume that all encrypted communication has been decrypted and read, for example by Government agencies, for God knows how long, Bitdefender says.

“There is no telling whether communications have been compromised and for how long this has been happening because this approach does not leave any anomalous forensic evidence behind,” says Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender. “Banks and companies that are dealing with either intellectual property or personal information, as well as government institutions, are the sectors that could be highly affected by this flaw.”

“We discovered this attack vector while researching a way to monitor malicious outbound activity on our honeypot network without tampering with the machine and without tipping attackers off in any way that they are being watched. Upon discovering the flaw, we decided to publically disclose this in detail, as the social, economic and political stakes of passive traffic monitoring in virtualised environments are overwhelming.”

Photo credit: / Shutterstock

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.