Attacks targeting encrypted traffic (SSL) that bypass traditional security controls will grow by 260 percent over the next five years, according to a new threat research report from Zscaler. They show that cybercriminals will not be dissuaded by the global health crisis, so they are targeting the medical industry. Following healthcare, the study found that the industries most vulnerable to SSL-based threats are:
1. Medical: 1.6 billion (25.5%)
2. Finance and Insurance: 1.2 billion (18.3%)
3. Manufacturing: 1.1 billion (17.4%)
4. Government: 952 million (14.3%)
5. Services: 730 million (13.8%)
Covid-19 fuels surge in ransomware
Beginning in March, after the World Health Organization declared the virus a pandemic, researchers witnessed a 5-fold increase in ransomware attacks on encrypted traffic. Early research by Zscaler showed that when cybercriminals first started to fear the virus, COVID-related threats surged by 30,000%.
Phishing attacks approach 200 million
One of the most commonly used attacks on SSL, phishing attempts reached 193 million instances in the first nine months of 2020. Manufacturing was the most targeted (38.6%), followed by services (13.8%) and healthcare (10.9%).
30% of SSL-based attacks fool trusted cloud providers
Cybercriminals are using the reputation of trusted cloud providers such as Dropbox, Google, Microsoft, and Amazon to distribute malware through encrypted channels, becoming increasingly sophisticated in avoiding detection.
Microsoft remains the most targeted brand for SSL-based phishing
Because Microsoft technology is one of the most widely adopted in the world, Zscaler identified Microsoft as the most common brand deceived by phishing attacks, in line with the ThreatLabZ 2019 report. Other popular fraudulent brands include PayPal and Google. Cybercriminals are also increasingly spoofing Netflix and other streaming entertainment services during the pandemic.
“During the COVID-19 pandemic, cybercriminals are relentlessly attacking critical industries such as healthcare, government and finance, and this study shows how dangerous encrypted traffic can be if security checks are not done in a timely manner.” ZISOer CISO and Deepen Desai, vice president of security research, said: “Attackers have greatly improved the methods they use to deliver ransomware, for example, within organizations that use encrypted traffic. The report shows a 500 percent increase in ransomware attacks on SSL, which Just one example of why SSL inspection is so important to an organization’s defense.”