Quote of the Day

Saturday, December 5, 2020

SSL/TLS, is it our protector or enabler?

Deepen Desai, CISO and VP of Security Research and Operations at Zscaler, talked about the Zscaler cloud research report "2020: The State of Encrypted Attacks", for which the research team analyzed encrypted traffic across the Zscaler cloud for the first nine months of 2020.

Zscaler Cloud blocked 6.6 billion encrypted security threats, which is an average of 733 million blocked a month in 2020 compared to 283 million blocked in 2019. 1.6 billion of the 6.6 billion encrypted threats were targeting healthcare. According to the report, 80% of all cyber traffic is encrypted and SSL-based attacks have increased 200%. In particular, ransomware attacks have increased 500%.

The most popular brands that have been spoofed are Office 365, Tech Support, PayPal, Google, and Netflix. Nowadays, you cannot differentiate a spoofed site from the legitimate one.

How do we prevent SSL/TLS-based attacks? First, inspect all SSL traffic by setting up a proxy-based architecture. On-premises security tools such as next-generation firewalls are incapable of performing decrypt, inspect, and re-encrypt effectively. Second, set up a true zero-trust network access architecture, which means there is no network presence of any of the user laptops. Zscaler performs SSL inspection at scale as part of its platform of services.

In conclusion, Desai emphasized the importance of defense in depth to prevent the increasingly popular SSL/TLS encrypted attacks.

https://thecyberwire.com/podcasts/research-saturday/162/notes
