New Report Shows Increase in Encrypted Cyber Attacks
In a new report released by Zscaler, it is revealed that the use of HTTPS by cyber criminals has increased by 24% compared to 2022. This highlights the growing complexity of tactics used by cyber criminals to exploit encrypted channels. The report also identifies the production sector as the most vulnerable to attacks, with educational and state organizations experiencing the highest increase in the number of attacks compared to the previous year.
According to the report, only 86% of all cyber threats, including malicious software, extortion programs, and phishing attempts, are delivered through encrypted channels. Dipen Desai, Director at Zscaler, emphasizes the significance of this finding, stating: “Almost 95% of web traffic passes through HTTPS, and 86% of advanced threats are delivered through encrypted channels. Any HTTPS traffic that is not subject to intermediate analysis represents a significant blind spot that cyber criminals continue to exploit.”
The report also reveals that the most prevalent type of encrypted threat is malicious software, accounting for 78% of all cyber attempts, with 23 billion encrypted requests recorded between October 2022 and September 2023. Among the most common malicious software families in 2023 is Chromeloader, known for its ability to persist on systems, the scale of its attacks, and its aggressive use of PowerShell.