Encryption-Based Threats Grow By 260% in 2020
|
Healthcare, Finance and Manufacturing Under an Onslaught of Attacks
SAN JOSE,
Showing that cybercriminals will not be dissuaded by a global health crisis, they targeted the healthcare industry the most. Following healthcare, the research revealed the top industries under attack by SSL-based threats were:
- Healthcare: 1.6 billion (25.5 percent)
- Finance and Insurance: 1.2 billion (18.3 percent)
- Manufacturing: 1.1 billion (17.4 percent)
- Government: 952 million (14.3 percent)
- Services: 730 million (13.8 percent)
Other key findings include:
- COVID-19 is Driving a Ransomware Surge:
Zscaler researchers witnessed a 5x increase in ransomware attacks over encrypted traffic beginning in March, when theWorld Health Organization declared the virus a pandemic. Earlier research fromZscaler indicated a 30,000 percent spike in COVID-related threats, when cybercriminals first began preying on fears of the virus. - Phishing Attacks Neared 200 Million: As one of the most commonly used attacks over SSL, phishing attempts reached more than 193 million instances during the first nine months of 2020. The manufacturing sector was the most targeted (38.6 percent) followed by services (13.8 percent), and healthcare (10.9 percent).
- 30 Percent of SSL-Based Attacks Delivered Through Trusted Cloud Providers: Cybercriminals continue to become more sophisticated in avoiding detection, taking advantage of the reputations of trusted cloud providers such as Dropbox, Google, Microsoft, and Amazon to deliver malware over encrypted channels.
- Microsoft Remains Most Targeted Brand for SSL-Based Phishing: Since Microsoft technology is among the most adopted in the world,
Zscaler identified Microsoft as the most frequently spoofed brand for phishing attacks, which is consistent with ThreatLabZ 2019 report. Other popular brands for spoofing included PayPal and Google. Cybercriminals are also increasingly spoofing Netflix and other streaming entertainment services during the pandemic.
“Cybercriminals are shamelessly attacking critical industries like healthcare, government and finance during the pandemic, and this research shows how risky encrypted traffic can be if not inspected,” said Deepen Desai, CISO and Vice President of
Inspecting encrypted traffic is mission-critical for all organizations to protect against these attacks. A multilayered defense-in-depth strategy that fully supports SSL inspection ensures that enterprises are protected from escalating threats hiding in their encrypted traffic. Processing more than 130 billion transactions per day,
To download the full report, see the 2020 State of Encrypted Attacks.
About ThreatLabZ
ThreatLabZ is the embedded research team at
About
Zscaler™, Zscaler Internet Access™, and Zscaler Private Access™, ZIA™ and ZPA™ are either (i) registered trademarks or service marks or (ii) trademarks or service marks of
Media Contact:
press@zscaler.com
Investor Relations Contact:
ir@zscaler.com
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/94c5e9d3-ec84-44ff-9170-00108b4649ff
Source:
2020 GlobeNewswire, Inc., source