SSL-based cyber attacks surged 30% over the past six months

Zscaler says hackers launch up to 800,000 encrypted attacks every day

Cyber criminals are increasingly using encryption technologies such as SSL to launch and hide attacks from malware detection tools, with threats rising by 30% compared to the first half of 2017, according to a new report.

Zscaler ThreatLabZ's bi-annual Secure Sockets Layer (SSL) trends report found that each day the company blocks up to 800,000 data transfers exploiting SSL encryption to transport cyber threats. By comparison, in the first six months of 2017, the company blocked 600,000 transactions on average.

Advertisement - Article continues below

The company said one of the most popular ways criminals launched attacks was using newly registered domains that were similar to well-known brand names such as DocuSign, Microsoft, Apple and Dropbox.

The SSL cryptographic protocol was first introduced in 1994 in response to growing concerns about the transfer of sensitive data online, providing a secure route between two domains - for example, a web browser and web server using HTTPS. The protocol was eventually replaced in 1999 by Transport Layer Security (TLS), although they're often used interchangeably.

However, since as early as 2011, SSL certificates have been found to contain vulnerabilities that allow hackers to bypass encrypted traffic, forcing many companies to remove thousands of certificates from their websites. 

Advertisement
Advertisement - Article continues below

Other methods of launching attacks included using SSL/TLS for communication with command and control (C&C) server activity such as documents, APKs and executable files. The most popular threats in this category were banking trojans (60%), ransomware (25%) and other trojan viruses (12%).

Advertisement - Article continues below

When Zscaler looked into how these attacks were able to happen, it revealed that although the majority of websites had a legitimate SSL certificate, in some cases, criminals were able to make use of free short-lived certificates to distribute malicious content.

"Web properties are quickly adopting SSL/TLS to curb privacy concerns, but without inspection of encrypted traffic, enterprises run the risk of an attack," said Deepen Desai, Zscaler senior director of security research and operations. "Yet, SSL inspection can cause significant performance degradation on security appliances. A multi-layer defense-in-depth strategy that fully supports SSL/TLS inspection is essential to ensure enterprises are secure."

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do you build a great customer experience?
Sponsored

How do you build a great customer experience?

20 Jul 2020