Zscaler ThreatLabz Finds Most Cyberattacks Hide In Encrypted Traffic

Zscaler finds malware, which includes malicious web content and malware payloads, continued to dominate over other types of encrypted attacks, with ad spyware sites and cross-site scripting accounting for 78% of all blocked attacks.

Research analyzed nearly 30 billion blocked threats from October 2022 to September 2023 by the Zscaler Zero Trust Exchange platform, the world’s largest security cloud platform.

In total, 86% of all cyber threats, including malware, ransomware, and  phishing attacks, are delivered over encrypted channels.

“To defend against encrypted attacks, organizations should replace vulnerable appliances, like VPNs and firewalls, with a Zero Trust Network Access (ZTNA) solution. This allows IT teams to inspect TLS traffic at scale while blocking threats and preventing sensitive data leakage.”

Malware is the top encrypted threat 

Malware keeps its top spot as the champion of encrypted threats, driving 23 billion encrypted hits between October 2022 and September 2023 and comprising 78% of all attempted cyberattacks.

Encrypted malware includes malicious web content, malware payloads, macro-based malware, and more. The most prevalent malware family in 2023 was ChromeLoader, followed by MedusaLocker and Redline Stealer.

KEY FINDINGS:

Manufacturing keeps its spot as the most targeted industry

Manufacturers saw the largest amount of AI/ML transactions compared to any other industry, processing over 2.1 billion AI/ML-related transactions. It remains the most targeted industry, accounting for 31.6% of encrypted attacks tracked by Zscaler. As smart factories and the Internet of Things (IoT) become more prevalent in manufacturing, the attack surface is expanding and exposing the sector to more security risks and creating additional entry points that cybercriminals can exploit to disrupt production and supply chains.

Additionally, the use of popular generative AI applications, like ChatGPT, on connected devices in manufacturing heightens the risk of sensitive data leakage over encrypted channels.

(Image courtesy: www.futurelearn.com)

Leave a Reply

Your email address will not be published. Required fields are marked *