According to Zscaler, malware continues to be the biggest threat to individuals and businesses across nine key industries, with manufacturing, education, and healthcare being the most common targets.
Encryption attacks remain a serious problem for countries around the world, with the United States, India and Japan seeing the largest increases in attacks in 12 years. past month. Additionally, South Africa has seen a significant increase in TLS/SSL attacks compared to 2021.
Deputy Director of Research and Security Operations at Zscaler.
“Potential threats continue to lurk in encrypted traffic, backed by service models that dramatically reduce technical barriers. It is essential for organizations to adopt a trustless, cloud-based architecture that enables consistent inspection of all Internet-related traffic and effectively mitigates these attacks. ,” continued Desai.
Malware is King of Cybercriminals
Cybercriminals hide a variety of attack tactics in encrypted traffic, but malware remains the most prevalent. Malicious scripts and payloads used throughout attack sequences account for nearly 90% of blocked encrypted attack tactics in 2022. This category includes ransomware. Ransomware attacks remain a top concern for CISOs, with an 80% year-over-year increase.
As countermeasures have become more complex, attackers have also evolved their techniques, creating new malware variants that are difficult to detect and can evade reputation-based techniques. ChromeLoader, Gamaredon, AdLoad, SolarMarker, and Manuscrypt are among his families of the most prevalent malware that the Zscaler ThreatLabz team has observed exploiting encrypted channels.
Usual suspects give way to newcomers
The top five countries targeted in crypto attacks include the United States, India, South Africa, the United Kingdom, and Australia. South Africa are relatively new to the list after knocking France out of the top five rankings in 2021 to top the list in 2022. Japan (613%), the United States (155%) and India (87%) also saw significant year-on-year growth in destinations.
Manufacturing and education continue to pose the greatest risk
Not all industries are equally vulnerable to encrypted attacks, and organizations with outdated security solutions They often become frequent victims. This year, he saw a 239% increase in these types of attacks in the manufacturing industry, with technology replacing technology as the most targeted industry in 2022. This includes adopting new security measures to combat COVID-19, infrastructure and applications to address supply chain issues.
However, the introduction of new applications, products, and services has increased the attack surface for manufacturers, exposing them to new vulnerabilities that many will need to address in the future.
Education was the next industry with the highest increase in attacks, with a 132% year-on-year increase. Education remains a notable target for the second year in a row, with a 50% increase in attacks from 2020 to 2021. Industries such as education and manufacturing are the biggest beneficiaries of Zero Trust architectures. Identify and detect suspicious activity Mitigate the growing risk of encrypted attacks.
On the bright side, 2022 saw a 40% and 63% drop in attacks on government agencies and retail stores, respectively. 2021 saw a surge in cryptocurrency attacks in retail. This is because attackers have exploited e-commerce trends due to the pandemic, which have normalized over the past year.
Law enforcement agencies around the world are prosecuting cyber criminals who target these important industries, making them unattractive targets for hacker groups looking for easy cash.
Cybercriminals are evolving tactics to evade detection and sneak past information security teams. Most attacks now use her SSL or TLS encryption. This runs best in a cloud-native proxy architecture as it is resource intensive to do large scale inspections.
Traditional firewalls support packet filtering and stateful inspection, but are not well suited for this task due to resource limitations. This creates an urgent need for organizations to implement cloud-native architectures that support full inspection of encrypted traffic in accordance with Zero Trust principles.
Recommendations
Organizations seeking to mitigate the risk of encrypted attacks should consider these recommendations as part of their adoption strategy. prevent.
- Isolate unknown attacks and stop patient-zero malware with AI-driven sandboxing.
- Whether your users are at home, in the office, or on the road, inspect all traffic at any time to ensure everyone is end-to-end encrypted threat–protected.
- Terminate each connection and our inline proxy architecture inspects all traffic, including encrypted traffic, in real time before it reaches its destination, preventing ransomware, malware and more.
- Protect data with granular, context-based policies to validate access requests and permissions based on context.
- Eliminate your attack surface by connecting users directly to the apps and resources they need, rather than the network.