Research shows attackers turning to encrypted attacks during pandemic

Encryption-based threats grow by 260% in 2020.

Zscaler has released its 2020 State of Encrypted Attacks report, published by the Zscaler ThreatLabZ team. The threat research reveals the emerging techniques and impacted industries behind a 260 per cent spike in attacks using encrypted channels to bypass legacy security controls. The report provides guidance on how IT and security leaders can protect their enterprise from the rising trend of encrypted threats, based on insight sourced from over 6.6 billion encrypted threats seen across the Zscaler™ cloud from January through September 2020.

 

Cybercriminals were not dissuaded by a global health crisis: they targeted the healthcare industry the most. The research revealed that the top industries under attack by SSL-based threats were:

1. Healthcare: 1.6 billion (25.5 per cent)

2. Finance and Insurance: 1.2 billion (18.3 per cent)

3. Manufacturing: 1.1 billion (17.4 per cent)

4. Government: 952 million (14.3 per cent)

5. Services: 730 million (13.8 per cent)

Other key findings include:

COVID-19 is Driving a Ransomware Surge: Zscaler researchers witnessed a 5x increase in ransomware attacks over encrypted traffic beginning in March, when the World Health Organisation declared the virus a pandemic. Earlier research from Zscaler indicated a 30,000 per cent spike in COVID-related threats, when cybercriminals first began preying on fears of the virus.

Phishing Attacks Neared 200 Million: As one of the most commonly used attacks over SSL, phishing attempts reached more than 193 million instances during the first nine months of 2020. The manufacturing sector was the most targeted (38.6 per cent), followed by services (13.8 per cent) and healthcare (10.9 per cent).

30 per cent of SSL-Based Attacks Delivered Through Trusted Cloud Providers: Cybercriminals continue to become more sophisticated in avoiding detection, taking advantage of the reputations of trusted cloud providers such as Dropbox, Google, Microsoft, and Amazon to deliver malware over encrypted channels.

Microsoft Remains Most Targeted Brand for SSL-Based Phishing: Since Microsoft technology is among the most adopted in the world, Zscaler identified Microsoft as the most frequently spoofed brand for phishing attacks, which is consistent with the ThreatLabZ 2019 report. Other popular brands for spoofing included PayPal and Google. Cybercriminals are also increasingly spoofing Netflix and other streaming entertainment services during the pandemic.

“Cybercriminals are shamelessly attacking critical industries like healthcare, government and finance during the pandemic, and this research shows how risky encrypted traffic can be if not inspected,” said Deepen Desai, CISO and Vice President of Security Research at Zscaler. “Attackers have significantly advanced the methods they use to deliver ransomware, for example, inside of an organisation utilising encrypted traffic. The report shows a 500 per cent increase in ransomware attacks over SSL, and this is just one example of why SSL inspection is so important to an organisation’s defence.”

 
