SSL-Based Phishing Surges 400% from 2017
Hackers are increasingly using encrypted traffic to hide their attacks from security filters, with phishing emails soaring in popularity, according to new data from Zscaler.
The cloud security provider processes more than 60 billion transactions per day and claimed that hiding threats in SSL traffic has become standard practice among the black hats.
Its biannual 2019 Cloud Security Insights Threat Report revealed that the vendor blocked 1.7 billion advanced threats hidden in SSL traffic from July to December 2018, amounting to an average of 283 million per month.
This included 2.7 million phishing attempts each month, an increase of over 400% from 2017 figures.
This chimes somewhat with a new report from Trend Micro released this week, which revealed the vendor blocked 269 million phishing URLs last year, a 269% increase over 2017.
Other malicious activity blocked by Zscaler in the second half of 2018 included 32 million botnet callback attempts per month, and 240,000 browser exploitation attempts. In addition, nearly 32% of newly registered domains blocked by the firm were ‘protected’ with SSL encryption.
Zscaler CTO, Amit Sinha, argued that the trend towards having everything encrypted by default is great for user privacy, but it presents a challenge to security teams.
“Decrypting, inspecting, and re-encrypting traffic is non-trivial, causing significant performance degradation on traditional security appliances, and most organisations are not equipped to inspect encrypted traffic at scale,” he added. “With a high percentage of threats now delivered with SSL encryption, and over 80% of internet traffic now encrypted, enterprises are blind to over half of malware sent to their employees.”
Source: Information Security Magazine