Report: Most cyberattacks now use encrypted traffic
A new report from cloud security company Zscaler shows that many modern cyberattacks exploit encrypted traffic, which means they are difficult to identify and stop.
According to the report, organizations should adopt a cloud-based zero trust architecture to better monitor internet-related traffic and defend against inbound threats.
A zero trust architecture is defined as an enterprise network security architecture based on zero trust principles and designed to prevent data leakage and limit internal lateral movement.
Based on more than 300 trillion daily signals and 270 billion daily transactions through the Zscaler Zero Trust Exchange, the report states that the company will block nearly 24 billion encrypted threats in 2022 alone, most of them using TLS or SSL. These numbers represent a 20% increase from 2021, when the company prevented 20.7 billion of these attacks, and a 314% increase from 2020.
Zscaler said that in most cyberattacks, cybercriminals hide malware in encrypted traffic, with malicious scripts and data accounting for nearly 90% of all encrypted attack vectors blocked this year.
Among all the different types of malware, ransomware remains one of the most harmful, according to Zscaler. Other popular malware families include ChromeLoader, Gamaredon, AdLoad, SolarMarker and Manuscrypt.
The main targets remained the US, India, the UK and Australia, with South Africa entering the top five for the first time, according to the report.
Japan and the United States are the two countries where cyberattacks increased by 613% and 155%, respectively. Manufacturing remained the top target, up 239%, largely because of COVID-19 measures that continue to dictate how these businesses operate. Another notable sector is education, where attacks grew by 132% year-on-year.
On the other hand, according to Zscaler, cyberattacks on government and retail organizations decreased by 40% and 63%, respectively, largely because law enforcement agencies moved quickly against the actors targeting them.
Deepen Desai, Zscaler's chief information security officer and vice president of security research and operations, said that as organizations improve their cyber defenses, adversaries are also becoming more sophisticated, particularly when using evasive tactics.
Desai added that potential threats continue to hide in encrypted traffic using service models that significantly reduce technical barriers.