Cybersecurity is a recurring topic, and according to a new report from security company Zscaler, cybercriminals are increasingly hiding behind encrypted traffic in order to more easily get through security solutions.
HTTPS and the little padlock in the browser’s address bar are no guarantee that a website isn’t hiding malicious code. On the contrary, nearly nine out of ten cyberattacks identified by Zscaler in 2022 came from pages encrypted with HTTPS.
Security firm Zscaler has released its annual report identifying trends in cybercrime. This year’s report is based on analyses of more than 24 billion blocked threats and shows that:
- 85% of attacks originate from pages encrypted with HTTPS.
- Nine out of ten attacks (90%) occur via links to malicious code that arrive via email or are found on infected websites.
- The industries that have seen the biggest increase in attacks are manufacturing (+239%) and schools (+134%).
“The trend we see is that cybercriminals today don’t even need to be able to program. On the darknet, the tools needed to carry out attacks are offered as a service. And it’s about extremely advanced threats with the ability to hide in encrypted traffic,” says Patrik Drakes, regional manager for Sweden at Zscaler.
In 2022, Zscaler identified and stopped 24 billion threats, up 20 percent from the previous year. Most attacks today use SSL or TLS encryption to get past security protections. Encrypted traffic is more resource-intensive for security software to inspect. This means that businesses that use older technology and traditional firewalls suffer from degraded network performance when they also have to inspect encrypted traffic, which in turn risks reducing employee productivity.
“Attacks that spread quickly and paralyze critical societal functions are on the rise. We see that the solution is to move to a cloud-based Zero Trust security architecture where all internet traffic is checked continuously,” continues Patrik Drakes.
Zscaler’s advice to organizations looking to increase their protection against encrypted attacks can be summed up as:
- Introduce a cloud-based architecture that can decrypt, detect and prevent threats in all encrypted traffic.
- Leverage an AI solution that quarantines suspected threats for review, in order to detect previously unknown attacks and other malicious code before they can do any damage.
- Inspect all traffic, all the time, whether users are at home, in the office or on the go.
- Use real-time protection, even for encrypted traffic, to stop malware.
- Protect data with detailed context-based policies, and verify access requests and rights based on context.
- Reduce attack surfaces by connecting users directly to the applications and resources they need instead of going through networks.
You can read more about the trends in IT security on Dagens Innovation, which mapped the year’s trends.