Encryption-based threats grow by 260% in 2020 – Help Net Security


New Zscaler threat research reveals the emerging techniques and impacted industries behind a 260-percent spike in attacks using encrypted channels to bypass legacy security controls.

Showing that cybercriminals will not be dissuaded by a global health crisis, they targeted the healthcare industry the most. Following healthcare, the research revealed the top industries under attack by SSL-based threats were:

1. Healthcare: 1.6 billion (25.5 percent)
2. Finance and Insurance: 1.2 billion (18.3 percent)
3. Manufacturing: 1.1 billion (17.4 percent)
4. Government: 952 million (14.3 percent)
5. Services: 730 million (13.8 percent)

COVID-19 is driving a ransomware surge

Researchers witnessed a 5x increase in ransomware attacks over encrypted traffic beginning in March, when the World Health Organization declared the virus a pandemic. Earlier research from Zscaler indicated a 30,000 percent spike in COVID-related threats, when cybercriminals first began preying on fears of the virus.

Phishing attacks neared 200 million

As one of the most commonly used attacks over SSL, phishing attempts reached more than 193 million instances during the first nine months of 2020. The manufacturing sector was the most targeted (38.6 percent) followed by services (13.8 percent), and healthcare (10.9 percent).

30 percent of SSL-based attacks spoofed trusted cloud providers

Cybercriminals continue to become more sophisticated in avoiding detection, taking advantage of the reputations of trusted cloud providers such as Dropbox, Google, Microsoft, and Amazon to deliver malware over encrypted channels.

Microsoft remains most targeted brand for SSL-based phishing

Since Microsoft technology is among the most adopted in the world, Zscaler identified Microsoft as the most frequently spoofed brand for phishing attacks, which is consistent with ThreatLabZ 2019 report. Other popular brands for spoofing included PayPal and Google. Cybercriminals are also increasingly spoofing Netflix and other streaming entertainment services during the pandemic.

“Cybercriminals are shamelessly attacking critical industries like healthcare, government and finance during the pandemic, and this research shows how risky encrypted traffic can be if not inspected,” said Deepen Desai, CISO and VP of Security Research at Zscaler. “Attackers have significantly advanced the methods they use to deliver ransomware, for example, inside of an organization utilizing encrypted traffic. The report shows a 500 percent increase in ransomware attacks over SSL, and this is just one example to why SSL inspection is so important to an organization’s defense.”



Source link

Latest articles

Siemens bringing low code company to China

The Mendix platform announced plans to expand its technology into the Chinese market. ...

The new Raspberry Pi Pico is an incredibly powerful little chip for just $4

The Pico is the first microcontroller board from Raspberry Pi and has been built around...

Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover

Amazon has awarded an $18,000 bug bounty for an exploit chain that could have allowed an attacker to take complete control of a...

Here’s How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay...

Related articles

Leave a reply

Please enter your comment!
Please enter your name here