Zscaler ThreatLabz, the threat research division of Zscaler, Inc. (NASDAQ: ZS), has revealed in its annual “State of Encrypted Attacks 2023” report an alarming statistic: 86% of cyberattacks exploit encrypted channels. This finding underscores the growing sophistication of cybercriminal tactics.
Growth of Threats Through HTTPS
The report shows a 24% increase in threats carried out through HTTPS in the Zscaler cloud, with nearly 30 billion threats blocked. This increase highlights how cybercriminals leverage encrypted channels to conceal their malicious activities.
Encrypted Malware Predominates
Encrypted malware and malicious content account for 78% of observed attacks, with malware being the primary encrypted threat. Between October 2022 and September 2023, 23 billion encrypted attacks were recorded, with ChromeLoader, MedusaLocker, and Redline Stealer as the most utilized malware families.
Manufacturing Industry, the Most Targeted
The manufacturing industry remained the most targeted sector, experiencing 32% of encrypted attacks. The increasing adoption of smart factories and the Internet of Things (IoT) has expanded the attack surface, exposing the sector to additional security risks.
Rise in Attacks in Education and Public Administration
The education and government sectors have experienced a dramatic increase in encrypted attacks, with year-over-year increases of 276% and 185%, respectively. The digital transformation in these sectors has expanded their attack surfaces, making them more susceptible to cyber threats.
Defense Against Encrypted Attacks
To combat these attacks, Zscaler recommends adopting a Zero Trust Network Access (ZTNA) architecture, which enables IT teams to inspect TLS traffic at scale, block threats, and prevent the leakage of sensitive data.
The “State of Encrypted Attacks 2023” report from Zscaler ThreatLabz emphasizes the importance of a comprehensive and proactive security strategy in the digital era. With 86% of cyber threats transmitted through encrypted channels, organizations must be more vigilant than ever and adopt innovative cybersecurity solutions to protect against these advanced tactics.
Methodology of the Report
This analysis is based on the review of 29.8 billion threats blocked within encrypted channels, SSL, and TLS, from October 2022 to September 2023 in the Zscaler cloud. Zscaler’s global cloud processes over 500 trillion transactions daily, blocking 9 billion threats and policy violations per day, and updating its security measures over 250,000 times.
You can read the full report “State of Encrypted Attacks 2023” by visiting the following link: [State of Encrypted Attacks 2023 Report](https://info.zscaler.com/resources-industry-reports-threatlabz-2023-state-of-encrypted-attacks-report-thank-you)