Malicious threats using SSL encryption have seen a huge boost in popularity among cyber criminals this year, new research has found.
The ThreatLabZ report from security firm Zscaler revealed that an average of 60 per cent of the transactions in the Zscaler cloud have been delivered over SSL/TLS. The Zscaler cloud saw an average of 8.4 million SSL/TLS-based security blocks a day this year.
New malicious payload distribution has also been spotted, based on unique payloads that were spotted in the Zscaler Cloud Sandbox. Most payloads included Trojans (60 per cent), with ransomware sitting at number two with 25 per cent. Other notable mentions include Infostealer Trojan families.
“Hackers are increasingly using SSL to conceal device infections, shroud data exfiltration and hide botnet command and control communications. In fact, our study found that the amount of phishing attempts per day delivered over SSL/TLS has increased 400 percent from 2016,” said Deepen Desai, senior director, security research and operations.
“SSL inspection is a necessity in ensuring the security of network traffic in the enterprise. Zscaler sits between users and the internet, inspecting every byte of traffic, including encrypted traffic, so we can catch hidden threats before they get into the network.”
The report also states that the Zscaler cloud blocked an average of 12,000 phishing attempts daily, over SSL/TLS, representing a 400 per cent jump compared to 2016. Also, new and ‘increasingly sophisticated’ malware strains employ SSL to encrypt their C&C mechanics.
The infographic with all the findings can be found on this link.
Photo Credit: andriano.cz/Shutterstock