Most cyberattacks now use encrypted channels

Many modern cyberattacks take advantage of encrypted traffic, which means they're harder to identify and repel, according to a new report from Zscaler.

It says that enterprises should adopt a cloud-native zero-trust architecture to better monitor Internet-bound traffic and defend against incoming threats.

The report, based on more than 300 trillion daily signals and 270 billion daily transactions on the Zscaler Zero Trust Exchange, notes that the company blocked 24 billion cryptographic threats, most using TLS or SSL, in 2022, an increase of 20% from 2021, when the company blocked 20.700 billion such attacks, and a 314% increase from 2020.

Malicious software and ransomware

Most of the time, cybercriminals hide malware in encrypted traffic. Malicious scripts and payloads account for nearly 90% of all encrypted attack tactics blocked this year, according to Zscaler.

Of all the different types of malware, ransomware remains one of the most devastating variants. However, destructive power does not guarantee popularity: the most popular malware families include ChromeLoader (infostealer and adware), Gamaredon, AdLoad, SolarMarker, and Manuscrypt.

The top targets remain those in the US, India, UK and Australia, with South African victims making the top five for the first time.

With 613% and 155% respectively, Japan and the United States were among the countries with the highest increase in attacks. The manufacturing industry remains the number one target (239% increase), mainly due to the Covid-19 measures that still dictate the operation of these companies. Another notable industry is education (132% increase year over year).

On the other hand, attacks on government and retail organizations dropped 40% and 63% respectively, mainly because law enforcement quickly pursued attackers who were targeting them, according to Zscaler.

“As organizations mature their cyber defenses, adversaries become more sophisticated, particularly in their use of evasion tactics,” said Deepen Desai, CISO and vice president of security and investigation operations at Zscaler.

“Potential threats continue to lurk in encrypted traffic, bolstered by as-a-service models that significantly lower technical barriers. It is critical that organizations adopt a zero-trust cloud-native architecture that enables constant inspection of all Internet-bound traffic and effectively mitigates these attacks.”