The Zscaler report indicates a significant increase in cyber threats delivered over encrypted channels, with 86% of attacks, including malware, ransomware, and phishing attempts, occurring through encrypted means. This marks a 24% rise from the previous year, underscoring the sophisticated tactics employed by cybercriminals to leverage encrypted traffic for malicious activities. Manufacturing remains the primary target for these attacks, maintaining its status as the most commonly targeted industry for two consecutive years.
Malware continues to be the leading category among encrypted threats, comprising 78% of attempted cyberattacks. The report highlights specific malware families such as ChromeLoader, MedusaLocker, and Redline Stealer as prevalent threats in 2023. Manufacturing, facing an expanding attack surface due to the rise of smart factories and IoT, processed over 2.1 billion AI/ML-related transactions, making it the industry with the most AI/ML transactions.
This expansion of the attack surface raises concerns about data leaks, particularly with the use of generative AI applications like ChatGPT on connected devices in manufacturing. Education and government sectors experienced significant year-over-year surges in encrypted attacks, with a 276% and 185% increase, respectively. The education industry’s expanded attack surface due to the shift toward remote and connected learning has made it a prime target, while the government sector remains attractive to nation-state-backed threat actors.
To address these challenges, the report recommends adopting a cloud-native, proxy-based architecture to decrypt, detect, and prevent threats in encrypted traffic, leveraging SSL inspection, AI-driven sandboxing, and a zero-trust architecture to enhance security and minimize risks associated with encrypted cyber threats.