Most malware in 1Q20 was delivered over encrypted HTTPS connections, claims WatchGuard Technologies.
Organizations globally should consider HTTPS inspection to uncover encrypted malware.
Nearly 67% of all the malware in the first quarter of 2020 was delivered through encrypted HTTPS connections. The latest report from WatchGuard, titled “Internet Security Report for Q1 2020”, offers various insights into ongoing malware attacks. About 72% of the encrypted malware was classified as zero-day, so it would have evaded signature-based antivirus protection.
Setting up HTTPS inspection can be complicated: it demands extra effort, and if that effort is neglected, the process can weaken end-to-end encryption. It can also affect the protection provided by security gateways and other products. Without assessing encrypted traffic, organizations often miss 2/3 of incoming threats.
According to the report, the UK was one of the top targets for cybercriminals in the first quarter, with widespread network attacks.
According to Corey Nachreiner, CTO at WatchGuard: “Some organizations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option… As malware continues to become more advanced and evasive, the only reliable approach to defense is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”
Some principal findings from the report are:
1. Monero crypto miners increased in popularity
2. The Flawed-Ammyy and Cryxos malware variants appeared on the top malware lists
3. A three-year-old Adobe vulnerability appeared among the top network attacks
4. Online and cloud platforms are under attack from spear-phishing campaigns
COVID-19 repercussions have boosted cyber attacks
Q1 2020 was just the beginning of drastic changes to the wider cyber threat ecosystem, driven by the coronavirus pandemic. In the first three months of 2020, the world witnessed a rise in remote workers and in cyber attacks targeting individuals. However, malware hits and network-related attacks declined. Overall, in Q1 there were nearly 6.9% fewer malware hits and around 11.6% fewer network attacks, despite a 9% surge in the number of Fireboxes contributing data. The decline could be attributed to fewer possible targets operating within the traditional network perimeter, given the extensive work-from-home policies amid the pandemic.