Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced the release of its annual State of Encrypted Attacks Report, which tracks trends in HTTPS-based attacks through the analysis of more than 24 billion threats from October 2021 to September 2022. The research leveraged insights from more than 300 trillion daily signals and 270 billion daily transactions on the Zscaler Zero Trust Exchange™ – the world’s largest security cloud.
The report revealed that malware remains the number one threat to individuals and businesses across nine key industries, with manufacturing, education and healthcare being the most targeted. Encrypted attacks remain a significant problem for countries around the world, with the US, India and Japan seeing the largest increases in attacks over the past 12 months. Additionally, South Africa has seen a notable increase in TLS/SSL attacks compared to 2021.
“As organizations scale up their cyber defenses, attackers become more sophisticated, especially when using evasive tactics,” said Deepen Desai, CISO and VP of Security Research and Operations at Zscaler. “Potential threats continue to hide in encrypted traffic, supported by as-a-service models that drastically reduce the technical barriers to doing so. It is critical for organizations to adopt a cloud-native Zero Trust architecture that enables consistent inspection of all internet-bound traffic and effectively mitigates these attacks.”
Malware is the king of cybercriminals
While cybercriminals hide a variety of attack tactics in encrypted traffic, malware remains the most prevalent. Malicious scripts and payloads used throughout the attack sequence account for nearly 90% of the encrypted attack tactics blocked in 2022. This category includes ransomware, which remains a top concern for CISOs as ransomware attacks increased by 80% year-over-year.
As defenses have become more complex, attackers have also evolved their techniques, creating new malware variants that are harder to detect and able to evade reputation-based technologies. ChromeLoader, Gamaredon, AdLoad, SolarMarker, and Manuscrypt are among the most prevalent malware families observed by the Zscaler ThreatLabz team to abuse encrypted channels.
Usual suspects make way for a newcomer
The top five countries targeted by encrypted attacks are the US, India, South Africa, the UK and Australia. South Africa is a relative newcomer to the list, rising into the top five in 2022 after displacing France from the 2021 rankings. Japan (613%), the US (155%) and India (87%) also saw significant year-over-year increases as targets.