With the rapid surge in cyberattacks, encryption-based cyber threats shoot up by 260% in 2020.
The cybercriminals are making the most of this fast-changing digital marketplace, currently experiencing most attacks. As a result, businesses across industries are seeing a rapid increase in cyber threats against online channels and security infrastructure.
While technology backs organizations to tide over this crisis, there has been a 260% surge in attacks through encrypted channels. This is undoubtedly helping attackers to bypass legacy security controls, claimed a recent study from Zscaler.
Among various sectors, the healthcare industry is the most affected. The study revealed the sectors that are under attack by SSL-based threats –
- Healthcare – 6 billion (25.5%)
- Finance and Insurance – 2 billion (18.3%)
- Manufacturing –1 billion (17.4%)
- Government –952 million (14.3%)
- Services –730 million (13.8%)
Besides, there has been an almost 5X increase in the ransomware attacks over encrypted traffic since the emergence of the pandemic. Businesses around the world saw a nearly 30,000% rise in COVID-related. Clearly, the pandemic steered this ransomware surge.
As the most common attacks over SSL, even phishing attempts touched over 193 million in the initial nine months of 2020. In this case, manufacturing was the most targeted sector (38.6%) – followed by services (13.8%) and healthcare (10.9%).
Read More: The Need for Identity and Access Management in Corporate Risk Literacy
Nearly 30% of the SSL-based cyberattacks spoofed trusted cloud businesses. In its essence, cybercriminals continued to become sophisticated to avoid detection. They took advantage of the trusted cloud providers, including Amazon, Dropbox, Google, and Microsoft, to deliver malware over the encrypted channels.
The study revealed that Microsoft is the most targeted brand linked to SSL-centered phishing attacks. The other top companies on the list include Google and PayPal. Moreover, various live streaming platforms also witnessed increased spoofing amid the pandemic.
In this digital era, the threat actors have significantly advanced their methodologies to deliver ransomware. For instance, they are utilizing encrypted traffic when they target an enterprise to attack.
Read More: Security profile needs transformation along with digital transformation
In fact, the study found almost a 500% percent increase in the ransomware cyber-attacks over SSL. As a result, businesses should aim for more SSL inspection to secure their digital asset. As Deepen Desai, CISO, and VP of Security Research at Zscaler mentioned in the company blog post – “Cybercriminals are shamelessly attacking critical industries like healthcare, government, and finance during the pandemic, and this research shows how risky encrypted traffic can be if not inspected.”