URL: https://www.helpnetsecurity.com/2023/12/21/malware-encrypted-threats/
Submission: On December 21 via api from TR — Scanned from DE

Help Net Security
December 21, 2023
86% OF CYBERATTACKS ARE DELIVERED OVER ENCRYPTED CHANNELS



Threats over HTTPS grew by 24% from 2022, underscoring the sophisticated nature
of cybercriminal tactics that target encrypted channels, according to Zscaler.



For the second year in a row, manufacturing was the industry most commonly
targeted, with education and government organizations seeing the highest
year-over-year increase in attacks. Additionally, malware, which includes
malicious web content and malware payloads, continued to dominate over other
types of encrypted attacks, with ad spyware sites and cross-site scripting
accounting for 78% of all blocked attacks.

In total, 86% of all cyber threats, including malware, ransomware, and phishing
attacks, are delivered over encrypted channels.

“With nearly 95% of web traffic flowing over HTTPS and 86% of the advanced
threats delivered over encrypted channels, any HTTPS traffic that does not
undergo inline inspection represents a significant blind spot that
cybercriminals continue to exploit when targeting global organizations,” said
Deepen Desai, Chief Security Officer, Zscaler. “To defend against encrypted
attacks, organizations should replace vulnerable appliances, like VPNs and
firewalls, with a Zero Trust Network Access (ZTNA) solution. This allows IT
teams to inspect TLS traffic at scale while blocking threats and preventing
sensitive data leakage.”


ENCRYPTED MALWARE IS A TOP THREAT

Malware keeps its top spot as the champion of encrypted threats, driving 23
billion encrypted hits between October 2022 and September 2023 and comprising
78% of all attempted cyberattacks.

Encrypted malware includes malicious web content, malware payloads, macro-based
malware, and more. The most prevalent malware family in 2023 was ChromeLoader,
followed by MedusaLocker and Redline Stealer.

Manufacturers saw the largest number of AI/ML transactions of any industry,
processing over 2.1 billion AI/ML-related transactions. Manufacturing remains the
most targeted industry, accounting for 31.6% of encrypted attacks tracked by
Zscaler.


GENERATIVE AI RAISES DATA LEAK CONCERNS

As smart factories and the Internet of Things (IoT) become more prevalent in
manufacturing, the attack surface is expanding, exposing the sector to more
security risks and creating additional entry points that cybercriminals can
exploit to disrupt production and supply chains.

Additionally, the use of popular generative AI applications, like ChatGPT, on
connected devices in manufacturing heightens the risk of sensitive data leakage
over encrypted channels.

The education and government sectors experienced a 276% and 185% year-over-year
surge in encrypted attacks, respectively. The education industry has also seen a
significantly expanded attack surface in recent years, with the shift to enable
more remote and connected learning. Meanwhile, the government sector remains an
attractive target, particularly for nation-state-backed threat actors, as
reflected in the growth of encrypted threats.

To defend against the evolving encrypted threat landscape, enterprises must
rethink traditional approaches to security and networking and adopt more
comprehensive, zero-trust architectures. Enterprises must implement a zero trust
architecture that inspects all encrypted traffic and leverages AI/ML models to
block or isolate malicious traffic. This creates a single, operationally simple
way to apply policy across all traffic, without impacting performance or
creating a compliance nightmare.


RECOMMENDATIONS TO PREVENT ENCRYPTED ATTACKS

 * Use a cloud-native, proxy-based architecture to decrypt, detect, and prevent
   threats in all encrypted traffic at scale.
 * Inspect all traffic, all the time: use SSL inspection to detect malware
   payloads, phishing and C2 activity that use SSL/TLS communication.
 * Leverage an AI-driven sandbox to quarantine unknown attacks and stop
   patient-zero malware that may be delivered over TLS.
 * Evaluate the organization’s attack surface to quantify risk and secure the
   exposed attack surface.
 * Use zero trust architecture to secure all connectivity holistically.
 * Use user-app segmentation to enforce least privilege access, even for
   authenticated users.
