
Majority of malware occurs over HTTPS encrypted connections

In brief: A new report from WatchGuard Technologies reveals that nearly all malware arrives over HTTPS encrypted connections. The company’s latest Quarterly Internet Security Report also highlights a noticeable increase in fileless malware, as well as in network and ransomware attacks.

The network security company said that in the second quarter of 2021, 91.5% of malware arrived through an encrypted connection. It added that any business that does not examine encrypted HTTPS traffic at the perimeter will miss 9/10 of all malware. The data is derived from the company’s own active WatchGuard Fireboxes.

“While much of the world still operates firmly in a mobile or hybrid workforce model, the traditional network perimeter is not always factored into the cybersecurity defense equation,” said Corey Nachreiner, director of security at WatchGuard.

Ransomware attacks declined between 2018 and 2020, but in the first half of 2021 alone, attacks equaled the total number seen in 2020. Thus, this year’s volume is expected to increase by over 150% compared to 2020.

WatchGuard has blocked over 16.6 million malware variants (438 per device) and nearly 5.2 million network threats (137 per device). The report also shows that, although malware attacks were down slightly (3.8%) in the second quarter, threat actors took advantage of hybrid work models by aiming malware at remote users at home as well as at office infrastructure.

The increased malware activity has targeted Microsoft Exchange servers and generic mail users in order to download Remote Access Trojans (RATs) in “highly sensitive locations”, likely because of the return of the workforce and learners to hybrid offices and academic environments.

Additionally, Microsoft Office continues to be a popular malware target. Debuting at the top of the list of the 10 most common network attacks is a 2017 RCE vulnerability that affects Microsoft browsers. “While this may be an old exploit and fixed in most systems (hopefully), the ones that haven’t been fixed yet are about to wake up abruptly if an attacker is able to get there before them,” the report warns.

Although remote work is increasingly common, WatchGuard detected a rise in network attacks, up 22% to 5.1 million, a million more than in the first quarter. Statistics show “an aggressive course that highlights the growing importance of maintaining perimeter security alongside user-centric protections.”

A new threat report from Eset, meanwhile, detailed how hackers are stepping up their efforts to guess passwords. Between May and August 2021, the security company detected 55 billion new brute force attacks focused on public-facing Remote Desktop Protocol (RDP) services, a 104% increase from the 27 billion attacks carried out during the first four months of 2021. Attackers are exploiting the opportunity created by the increase in remote work; the pandemic has led much of the workforce to use remote office services.


