More than 87 percent of the cyber threats Zscaler observed this year traveled over encrypted channels, a new Zscaler ThreatLabz report finds. The answer, the cybersecurity company says, lies in adopting a zero trust security architecture that inspects that traffic.
Malware makes up most of the encrypted threats – totaling over 86 percent – Zscaler said, noting in its Dec. 4 report that phishing and cryptominers also accounted for a combined 13 percent of threats tracked between October 2023 and September 2024. The recent numbers also show a sharp uptick in malware hits compared to last year.
“Malware accounted for 86.5 [percent] of encrypted attacks, totaling 27.8 billion hits – a 19.2 [percent] increase from the previous year’s 23.3 billion hits,” reads the report. “This surge highlights the pervasive threat of malware in encrypted traffic, as attackers use encryption to conceal malicious payloads and content.”
Artificial intelligence also plays a role in the rise of encrypted phishing: the report notes that encrypted phishing attacks grew more than 34 percent over the previous year and attributes much of that growth to generative AI, which attackers use to make lures more convincing and harder to detect.
Manufacturing was the hardest-hit industry over the period measured, receiving 42 percent of encrypted hits. By country, the United States was the most targeted with 11 billion encrypted hits, followed by India at 5.4 billion and France at 854 million.
“The rise in encrypted attacks is a real concern as a significant share of threats are now delivered over HTTPS,” Deepen Desai, the chief security officer at Zscaler, said in a statement. “With threat actors focused on exploiting encrypted channels to deliver advanced threats and exfiltrate data, organizations must implement a zero trust architecture with TLS/SSL inspection at scale. This approach helps to ensure that threats are detected and blocked effectively, while safeguarding data without compromising performance.”
A zero trust architecture, according to the report, rests on continuous verification of users and devices, least-privilege access, and micro-segmentation. Together those controls give defenders a chance to disrupt an encrypted attack at each stage of the attacker's playbook: reconnaissance, initial compromise, lateral movement, and data exfiltration.
Beyond the architecture itself, the researchers said organizations should inspect all encrypted traffic rather than a sample of it. Because malicious payloads are hidden inside TLS sessions, that inspection requires terminating TLS at a proxy the endpoints trust, which is why the report stresses doing it at scale. Leveraging AI-driven cloud sandboxes, reducing exposed entry points, and monitoring outbound as well as inbound traffic (command-and-control and exfiltration leave the network over the same encrypted channels) can help detect threats, block malware, and secure connectivity across users, devices, and cloud workloads.