Malware, the favorite threat for cybercriminals according to a new study by Zscaler

The annual report published by Zscaler states that in the period between October 2021 and September 2022 there were more than 24 billion threats. To reach this conclusion, more than 300 billion daily signals and 270 billion daily transactions were used from the Zscaler Zero Trust Exchange platform, the largest security cloud that currently exists.

This study shows that malware remains the biggest threat to businesses and individuals in key sectors, especially education, healthcare and manufacturing. Similarly, encrypted attacks continue to be a latent problem in countries around the world, with Japan, India, the United Kingdom, Australia, the United States and South Africa being the most affected, which have experienced an increase in TLS/SSL attacks compared to the same period last year.

One revealing fact is that the volume of threats grows by 20% every year, which demonstrates the need to implement a cloud-native zero trust architecture.

Deepen Desai, CISO and Vice President of Security Research and Operations at Zscaler, states that: “Potential threats continue to hide in encrypted traffic, driven by as-a-service models that have reduced the technical barriers to doing so.”

The presence of ransomware increases

Ransomware attacks have increased 80% annually and are the main threat facing those in charge of cybersecurity. Malicious scripts and payloads used throughout the attack sequence account for 90% of the tactics blocked.

Attackers refine their malware variants in response to CISOs’ improved defenses; the most common over encrypted channels are ChromeLoader, Gamaredon, AdLoad, SolarMarker and Manuscrypt.

As we have previously pointed out, the manufacturing industry has seen a 239% increase in the attacks it receives, replacing the technology sector. The fact that this sector has undergone security improvements in recent years, especially to manage COVID-19, has caused cybercriminals to target it to damage the supply chain.

Another badly affected sector has been education, which has increased its year-on-year rate up to 132%, after already seeing attacks increase by 50% from 2020 to 2021.

However, attacks on government organizations and retail commerce have decreased by 40% and 63%, respectively. The latter especially welcomes it, after the peak experienced in 2021 due to the explosion of e-commerce as a result of the pandemic.

The recommended strategy

The starting point is that more than 85% of attacks currently use encrypted channels across various stages of the kill chain, which represents a 20% increase compared to 2021. The most common encryption protocol is SSL or TLS, and inspecting it is best done with a cloud-native proxy architecture, as legacy firewalls are resource constrained.

Companies should implement a series of basic principles such as:

  • Use a proxy-based, cloud-native architecture to detect threats in encrypted traffic on a larger scale. This will be possible at the end of each session, thus avoiding ransomware, malware and other threats.
  • Implement granular, context-based policies, checking access requests and rights based on that context.
  • Use an AI-powered sandbox to stop patient-zero malware.
  • Inspect all traffic, regardless of where the user is, to protect them at all times against encrypted threats.
  • Eliminate the attack surface by connecting users directly to applications and resources, but never to networks.

At stake, as is logical, is the very integrity of organizations.
