Page 55 - Cyber Defense eMagazine for September 2020
New Research Highlights Importance of HTTPS Inspection to Detect Encrypted Malware
Two-thirds of malware in Q1 2020 was delivered via HTTPS traffic, Monero cryptominers are on the rise and more
By Marc Laliberte, Senior Security Analyst at WatchGuard Technologies
Today’s threat landscape is evolving rapidly. Attackers are constantly adjusting their tactics and finding
new ways to infiltrate organizations to steal valuable data. As such, businesses must remain up to date
on the industry’s latest threat intelligence in order to know their enemy and shore up defenses. That’s
why each quarter, WatchGuard’s Threat Lab research team produces a report on the latest trends in
malware and network attacks based on anonymized data from WatchGuard security appliances deployed
around the world.
Our latest Internet Security Report included many key findings and best practices that midmarket
organizations and the managed service providers that support them can use to ensure that their defenses
are up to the task of fending off today’s most prevalent security attacks. Let’s dive in:
1. Two-Thirds of Malware is Encrypted, Invisible Without HTTPS Inspection. An incredible 67%
of malware is delivered via HTTPS traffic. This means that organizations without security tools
that can decrypt and examine HTTPS traffic will miss a full two-thirds of security threats! We also
found that 72% of the malware delivered via encrypted HTTPS was new or “zero day,” meaning
no antivirus signature exists for it and it will not be blocked by legacy signature-based antimalware
methods. Not only are two out of every three pieces of malware in the wild delivered through an
encrypted channel, but that malware is also more difficult for traditional antivirus to detect!