Is your network as secure as you think it is? If you’re entirely upgraded to HTTPS to prevent malware from infecting your web traffic, the answer might be: not as much as you think.
Shocking statistics revealed by the quarterly Internet Security Report from WatchGuard Technologies should have network administrators across all industries questioning how much they blindly trust HTTPS web traffic. If HTTPS alone won’t protect your machine identities from attack, an encryption strategy that prioritizes regular intelligence updates and immediate response to threat alerts will be crucial moving forward. So, it turns out that it’s more about the importance of managing and protecting your encryption, than about just having it.
In the first half of 2021, 91% of malware attacks arrived via HTTPS-encrypted channels. BreachQuest Co-Found and CTO, Jake Williams, found this figure lower than he expected! “It’s unsurprising that most malware is delivered over encrypted channels. This research puts numbers to what would otherwise be anecdotes. I would have guessed the number was north of 95%.”
These figures shouldn’t suggest that organizations stop using HTTPS altogether, especially since it remains the security standard for most browsers. The reason for this new trend is that organizations rely on a false sense of security, becoming far too complacent about HTTPS, and automatically assuming all traffic from HTTPS connections is legitimate without any further due diligence. Once cybercriminals became aware of this tendency, sneaking malware in through these channels was the logical next step. In Q2 2021 alone, WatchGuard reported blocking more than 16 million malware variants, an average of roughly 430 attempted attacks per device.
There are many factors at play causing this rise of malware attack, but one of the main contributors over the past year or so has been the COVID-19 pandemic causing an unprecedented shift to remote work. IT teams often have a difficult time monitoring employees for compliance with corporate security policies. Negligent employees connecting to company infrastructure via insecure channels is a major vulnerability that can easily be the culprit of unauthorized network access.
Microsoft Office-based threats were another common occurrence in 2021. That’s not to say Microsoft is less secure, simply that the sheet number of attacks aimed at Microsoft make it inevitable for some to be successful. Between signing rootkit malware and the discovery of an AD CS vulnerability, to name a few, Microsoft users remain a persistent target of cybercriminals. Microsoft users should remain particularly alert to phishing scams, a form of cyber attack that WatchGuard has seen increasingly used to disguise malware as popular domains.
A major takeaway of this report for organizations that is HTTPS traffic should be monitored closely for malware. The best way to mitigate risks is early detection and immediate action. This strategy is only possible when you have a complete inventory of your machine identities, along with regular intelligence reports on their status. This is critical because machine identities are the encryption keys and certificates that help you validate an https connection. If you don’t control them, then you don’t control the encrypted tunnel.
This is the ironclad security and peace of mind that automated machine identity management with Venafi allows organizations to enjoy. Automation not only makes it a breeze to consistently enforce your organization’s security policies, but it allows for streamlined and expedited remediation of security events.
Ready to start your digital transformation? Learn all about the Venafi Trust Protection Platform!