Australia key target of encrypted attacks

By Dylan Bushell-Embling
Tuesday, 02 November, 2021

Australia is the fourth most targeted nation in the world by encrypted attacks targeting the HTTPS secure communications layer, according to Zscaler.

The security company’s 2021 Encrypted Attacks Report found that around 1.8 billion of the more than 20 billion HTTPS threats blocked by Zscaler and analysed for the report were targeting Australia.

This places Australia behind only the UK (5.45 bn), US (2.67 bn) and India (2.17 bn) in terms of exposure to the threat.

Globally, threats over HTTPS increased by more than 314% in January–September compared to the prior year, with malware content representing 91% of attacks. Malware grew 212% for the period, with phishing up 90%. By contrast, cryptomining attacks fell by 20%.

Attacks on technology companies grew 2300%, with retail and wholesale companies recording an over 800% increase in attacks.

But despite being one of the main targets in 2020, attacks on healthcare organisations fell 27% this year, with attacks on government organisations likewise down 10%.

The results of the research show that encrypted communications represent a blind spot for many enterprises in terms of their security posture, according to Zscaler CISO and VP Security Research and Operations Deepen Desai.

“Most enterprise IT and security teams recognise this reality but often struggle to implement SSL/TLS inspection policies due to a lack of compute resources and/or privacy concerns,” he said.

“As a result, encrypted channels create a significant blind spot in their security postures. Zscaler’s new report on the state of encrypted attacks demonstrates that the most effective way to prevent encrypted attacks is with a scalable, cloud-based proxy architecture to inspect all encrypted traffic, which is essential to a holistic zero-trust security strategy.”

Image credit: ©stock.adobe.com/au/ognjen