Zscaler ThreatLabz Report: Encrypted malware and malicious content are one of the biggest threats, accounting for 78 percent of observed attacks.
Malware remains the top encrypted threat in Zscaler’s latest report. Between October 2022 and September 2023, the Zero Trust Exchange platform recorded 23 billion encrypted attacks, accounting for 78 percent of all attempted cyberattacks. Encrypted malware includes malicious web content, malware payloads, macro-based malware and more. The most prevalent malware family in 2023 was ChromeLoader, followed by MedusaLocker and Redline Stealer.
Manufacturing industry most affected sector
With over 2.1 billion AI/ML transactions, the manufacturing industry recorded the largest volume of AI/ML transactions compared to all other industries. It remains the most attacked industry with 31.6 percent of encrypted attacks recorded by Zscaler. With the proliferation of smart factories and the Internet of Things (IoT) in the manufacturing industry, the attack surface is increasing and putting further pressure on the sector. This creates additional gateways for cyber risks that malware actors can use to attack production and supply chains. In addition, the use of popular generative AI applications such as ChatGPT in connected devices in manufacturing increases the risk of sensitive data leakage through encrypted channels.
Education and government see huge increase in attacks
The education and public administration sectors saw a year-on-year increase in encrypted attacks of 276% and 185% respectively. In recent years, the education sector’s attack surface has increased significantly as more remote and connected learning has been enabled. The public sector continues to be an attractive target, particularly for attacks involving state-motivated actors, which is reflected in the increase in encrypted attacks.
Stopping encrypted attacks
To protect against the spread of the emerging threat landscape, Zscaler says organizations should rethink their traditional security and network approaches and adopt more comprehensive Zero Trust approaches. This includes inspecting all encrypted traffic and using AI/ML models to block or isolate malicious traffic. A platform model provides an easy way to apply policies to all traffic without impacting performance or creating compliance proliferation.
For the study
Zscaler analyzed 29.8 billion blocked threats within encrypted channels such as SSL and TLS from October 2022 to September 2023. The report uses data from customer deployments connected to Zscaler’s global security cloud.