Encryption has become the norm for many cybercriminals looking to obfuscate all parts of an attack, according to Zscaler’s 2019 Cloud Security Insights Threat Report.
One of the goals of a cyberattack is stealth. The longer cybercriminal activity can remain undetected, the higher the chances of an attack succeeding. Using SSL encryption is one way of hiding the transmission of many parts of an attack. According to cloud security vendor Zscaler, who process more than 60 billion cloud transactions daily, SSL is in high demand:
- Phishing – more than 2.7 million encrypted phishing attacks occur monthly, a 400% rise from 2017.
- Content – a monthly average of 196 million instances of “malicious content, including compromised websites, malicious redirect scripts, and malvertising attempts” hiding within SSL.
- Botnets – a average of 32 million botnet callback attempts were blocked every month in 2018
- Domains – 32% of all fake domains blocked by Zscaler were using SSL to deliver content
As we’ve previously warned, the presence of website encryption can give users a false sense of confidence in the site they’re visiting. Users need to be training using Security Awareness Training to look beyond just the presence of a lock in the web browser and to scrutinize the domain and its content.
SSL makes it more difficult for organizations to spot bad guy activity – which means more of it is going to reach the user. Preparing the user with a security mindset will improve your organization’s security stance as cybercriminals leverage more and more ways to establish credibility and context to fool users into becoming victims.