The State of Encrypted Attacks
Is HTTPS traffic safe?
Enterprise data security seems to suffer from a widespread misunderstanding of this question. HTTPS (HTTP carried over TLS, the successor to SSL) is the industry standard for encryption in transit: it keeps content private from anyone watching the connection and protects that content from tampering along the way. But the protocol is only a vehicle; the fact that traffic is encrypted says nothing about whether the content itself is safe. Malware can be delivered over a TLS connection just as easily as a legitimate file, and in fact more than eighty percent of malware travels over these channels.
If this idea seems basic, consider this: most organizations do not inspect all encrypted traffic. Many do not inspect any encrypted traffic. With the majority of traffic moving over encrypted channels, why wouldn’t enterprises inspect it? And the better question: what are they missing?
It turns out they’re missing a lot. Between January and September of 2021, Zscaler blocked 20.7 billion threats over HTTPS, more than three times the 6.6 billion threats blocked in all of 2020 (roughly a 214 percent increase), which in turn was a nearly 260 percent increase from the year before. Note that the 2021 figure covers only nine months, so the full-year gap is larger still.
Cybercriminals are getting increasingly savvy with their attack tactics and have benefited from affiliate networks and as-a-service tooling sold on the dark web. This availability has led to an explosion of sophisticated attacks that keep security teams awake at night. Ransomware in particular has hit companies across the globe, with high-profile attacks causing damages in the tens of millions of dollars. Delivering the payload over HTTPS is a trivial step in that attack sequence: the attacker needs nothing more than a web server with a valid certificate.
With the rise in ransomware (along with a number of other threat categories) and the continuation of hybrid and work-from-anywhere models, organizations must inspect all traffic, on-premises and off, to maximize their chances of protecting themselves. Unfortunately, such inspection is extremely resource-intensive: every flow has to be terminated, decrypted, examined, and re-encrypted. Attempting to do it at scale with legacy hardware-based security tools, such as next-generation firewalls, is nearly impossible and can require five to seven times the number of devices to do so effectively without degrading performance. As a result, many organizations allow at least some of their encrypted traffic to pass uninspected. This is a big problem—we’ll share exactly how big