Many modern-day cyberattacks use encrypted traffic, meaning they’re harder to identify and counter, a new report from Zscaler claims.
It states that businesses need to adopt a cloud-native zero-trust architecture to better monitor internet traffic and defend against incoming threats.
The report, based on more than 300 trillion daily signals and 270 billion daily transactions on the Zscaler Zero Trust Exchange, notes that the company blocked 24 billion encrypted threats, most using TLS or SSL, in 2022. This is a 20% increase from 2021, when the company blocked 20.7 billion such attacks, and a 314% increase from 2020.
Malware and ransomware
In most cases, cybercriminals hide malware in encrypted traffic. According to Zscaler, malicious scripts and payloads account for nearly 90% of all encrypted attack tactics that have been blocked this year.
Of all types of malware, ransomware remains one of the most devastating variants. However, destructive power does not guarantee popularity – the most popular malware families include ChromeLoader (information stealing and adware), Gamaredon, AdLoad, SolarMarker and Manuscrypt.
The largest targets remain those located in the US, India, UK and Australia, with South African victims making the top five for the first time.
With 613% and 155% respectively, Japan and the United States were among the countries with the largest increases in attacks. Manufacturing continues to be the number one target (239% growth), largely due to the Covid-19 measures still dictating how these companies operate. Another notable industry is education (up 132% year-on-year).
On the other hand, the number of attacks against government organizations and retail decreased by 40% and 63%, respectively, mainly because law enforcement was quick to pursue cybercriminals attacking them, according to Zscaler.
“As organizations develop their cyber defenses, adversaries are becoming more sophisticated, especially in their use of evasion tactics,” said Deepen Desai, CISO and VP of Security Research and Operations at Zscaler.
“Potential threats still lie in encrypted traffic, supported by as-a-service models that dramatically reduce technical barriers in this area. It is critical that organizations adopt a zero-trust cloud-native architecture that enables consistent control of all internet traffic and effectively mitigates these attacks.”