
Zscaler: Nearly 90% of Cyberattacks Now Use Encrypted Channels


Malware continues to pose the greatest threat to individuals and businesses across nine key industries, with manufacturing, education and healthcare being the most commonly targeted, security provider Zscaler said in a new report.

Details from Zscaler's Report

Key takeaways from Zscaler's report include:

  • More than 85% of attacks now use encrypted channels across various stages of the kill chain, up 20% from last year.
  • Nearly 90% of all cyber threats that affect users and organizations come from malware that downloads a malicious payload via a link shared in an email or through infected websites.
  • The U.S. and India are top targets for encrypted attacks. South Africa, the U.K. and Australia round out the top five.
  • Encrypted threats targeting the manufacturing and education industries increased by 239% and 134%, respectively. Conversely, retail saw a 63% decline and government a 40% decline.

Commenting on the report, Deepen Desai, CISO and vice president of Security Research and Operations at Zscaler, said:

“Potential threats continue to hide in encrypted traffic, empowered by as-a-service models that dramatically reduce the technical barriers to doing so. It is critical for organizations to adopt a cloud-native zero trust architecture that allows consistent inspection of all internet bound traffic and effectively mitigate these attacks.”

Here are some additional data points:

  • Manufacturing saw a 239% increase in these types of attacks, displacing technology as the most targeted type of business in 2022.
  • Education remains a notable target for the second year in a row, with a 50% increase in attacks from 2020 to 2021.
  • In 2022, attacks against government organizations and retail decreased by 40% and 63%, respectively.

Six Ways to Minimize Risk

Zscaler recommends that businesses adopt the following six practices to minimize the risk of encrypted attacks:

  1. Use a cloud-native, proxy-based architecture to decrypt, detect and prevent threats in all encrypted traffic at scale.
  2. Leverage an AI-driven sandbox to quarantine unknown attacks and stop patient-zero malware.
  3. Inspect all traffic, all the time, whether a user is at home, at headquarters or on the go, to ensure everyone is consistently protected against encrypted threats.
  4. Terminate every connection to allow an inline proxy architecture to inspect all traffic, including encrypted traffic, in real time — before it reaches its destination — to prevent ransomware, malware and more.
  5. Protect data using granular context-based policies, verifying access requests and rights based on context.
  6. Eliminate the attack surface by connecting users directly to the apps and resources they need, never to networks.

Zscaler said it blocked 24 billion threats in 2022 — a 20% increase from the 20.7 billion blocked in 2021, which was a 314% increase from 2020. This shows that cybercriminals are continuing to evolve their tactics to avoid detection and slip past information security teams.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.