Most cyberattacks now use encrypted channels

Many modern cyberattacks use encrypted traffic, meaning they’re harder to identify and repel, says a new report from Zscaler.

It argues that companies should use a cloud-native zero-trust architecture to better monitor internet-bound traffic and defend against incoming threats.

The report, based on more than 300 trillion daily signals and 270 billion daily transactions in the Zscaler Zero Trust Exchange, notes that the company blocked 24 billion encrypted threats by 2022, most of which used TLS or SSL. That’s a 20% increase from 2021, when the company blocked 20.7 billion such attacks, and a 314% increase from 2020.

Malware and Ransomware

Typically, cyber criminals hide malware in encrypted traffic. Malicious scripts and payloads make up nearly 90% of all encrypted attack tactics blocked this year, Zscaler says.

Of all the different types of malware, ransomware remains one of the most devastating variants. Still, its destructive power is no guarantee of popularity – the most popular malware families are ChromeLoader (infostealer and adware), Gamaredon, AdLoad, SolarMarker, and Manuscrypt.

The biggest targets remain those in the United States, India, the UK and Australia, with South African victims ranking in the top five for the first time.

Japan and the US were among the countries with the largest increases in attacks, at 613% and 155%, respectively. The manufacturing industry is still the main target (up 239%), mainly because of the Covid-19 measures that continue to shape the way these companies operate. Another notable sector is education (up 132% year-on-year).

On the other hand, attacks against government organizations and the retail industry fell by 40% and 63%, respectively, mainly because law enforcement agencies were quick to pursue threat actors targeting them, Zscaler believes.

“As organizations mature their cyber defenses, adversaries become more sophisticated, particularly in their use of evasive tactics,” said Deepen Desai, CISO and VP Security Research and Operations at Zscaler.

“Potential threats continue to hide in encrypted traffic, powered by as-a-service models that dramatically reduce the technical barriers to doing so. It is critical for organizations to adopt a cloud-native zero-trust architecture that enables consistent inspection of all Internet-bound traffic and effectively mitigates these attacks.”
