Zscaler's report reveals encrypted threats increased, primarily impacting manufacturing, with the U.S. and India as top targets.
Quiver AI Summary
Zscaler, Inc. has released its 2024 Encrypted Attacks Report, revealing that malware, phishing, and cryptominers constitute nearly 90% of all encrypted threats. The report indicates that 87% of threats were transmitted through encrypted channels, a 10% increase from the previous year, with manufacturing being the most targeted industry at 42% of attacks. The United States and India are identified as the top targets for encrypted attacks, highlighting their status as high-value targets for cybercriminals. The report also emphasizes the need for organizations to adopt a zero trust architecture with comprehensive TLS/SSL inspection to effectively mitigate these sophisticated threats, which have been exacerbated by advancements in artificial intelligence. Key recommendations include inspecting all encrypted traffic, implementing microsegmentation, and utilizing AI-driven sandboxes to enhance security against these evolving challenges.
Potential Positives
- Zscaler's 2024 Encrypted Attacks Report highlights the company's leadership in cloud security, reinforcing its position as a trusted provider in an increasingly complex threat landscape.
- The report details a significant 10% year-over-year increase in threats delivered over encrypted channels, indicating that Zscaler’s analytics and threat intelligence are highly relevant and critical for organizations facing evolving cyber threats.
- The Zscaler Zero Trust Exchange™ platform is positioned as an essential solution for mitigating the risks of encrypted attacks, demonstrating the effectiveness of its security measures and further solidifying customer trust.
Potential Negatives
- The report highlights a significant increase in encrypted malware attacks, with a 19% year-over-year rise, indicating that the threat landscape for organizations is worsening and may undermine Zscaler's effectiveness in preventing such attacks.
- Manufacturing, being the most targeted industry with a 44% year-over-year increase in attacks, raises concerns about Zscaler's ability to protect its clients in this sector effectively, potentially leading to reputational damage.
- The prevalence of encrypted threats and the need for organizations to adopt more stringent security measures may reflect inadequacies in current cybersecurity approaches, challenging Zscaler's market position as a leading provider of cloud security solutions.
FAQ
What are the main threats highlighted in the ThreatLabz report?
The report identifies malware, phishing, and cryptominers as accounting for nearly 90% of encrypted threats.
Which industry was targeted the most by encrypted attacks?
Manufacturing was the most targeted industry, facing 42% of all encrypted attacks.
Which countries are the top targets of encrypted attacks?
The United States and India are the top targets, with France also being frequently targeted.
What percentage of threats are delivered over encrypted channels?
Over 87% of all threats were delivered via encrypted channels, marking a 10% increase year-over-year.
How can organizations prevent encrypted attacks?
Organizations should implement a zero trust architecture and inspect 100% of incoming encrypted traffic for threats.
Disclaimer: This is an AI-generated summary of a press release distributed by GlobeNewswire. The model used to summarize this release may make mistakes. See the full release here.
$ZS Insider Trading Activity
$ZS insiders have traded $ZS stock on the open market 31 times in the past 6 months. Of those trades, 0 have been purchases and 31 have been sales.
Here’s a breakdown of recent trading of $ZS stock by insiders over the last 6 months:
- ROBERT SCHLOSSMAN (Chief Legal Officer) has traded it 12 times. They made 0 purchases and 12 sales, selling 22,832 shares.
- ANDREW WILLIAM FRASER BROWN sold 8,000 shares.
- REMO CANESSA (Chief Financial Officer) has traded it 12 times. They made 0 purchases and 12 sales, selling 31,818 shares.
- SYAM NAIR (CTO) has traded it 2 times. They made 0 purchases and 2 sales, selling 7,331 shares.
- JAGTAR SINGH CHAUDHRY (CEO & Chairman) has traded it 2 times. They made 0 purchases and 2 sales, selling 5,720 shares.
- MICHAEL J. RICH (CRO and President of WW Sales) has traded it 2 times. They made 0 purchases and 2 sales, selling 9,656 shares.
To track insider transactions, check out Quiver Quantitative's insider trading dashboard.
$ZS Hedge Fund Activity
We have seen 370 institutional investors add shares of $ZS stock to their portfolio, and 416 decrease their positions in their most recent quarter.
Here are some of the largest recent moves:
- CAPITAL RESEARCH GLOBAL INVESTORS removed 1,476,689 shares (-100.0%) from their portfolio in Q2 2024
- WESTBRIDGE CAPITAL MANAGEMENT, LLC removed 1,326,601 shares (-100.0%) from their portfolio in Q2 2024
- TWO SIGMA ADVISERS, LP removed 873,000 shares (-54.4%) from their portfolio in Q3 2024
- VOYA INVESTMENT MANAGEMENT LLC added 848,182 shares (+41.2%) to their portfolio in Q3 2024
- VIKING GLOBAL INVESTORS LP added 847,771 shares (+inf%) to their portfolio in Q3 2024
- TWO SIGMA INVESTMENTS, LP removed 841,228 shares (-78.2%) from their portfolio in Q3 2024
- JPMORGAN CHASE & CO added 628,829 shares (+334.2%) to their portfolio in Q3 2024
To track hedge funds' stock portfolios, check out Quiver Quantitative's institutional holdings dashboard.
Full Release
Key Findings:
- Malware, phishing and cryptominers account for nearly 90% of all encrypted threats observed in ThreatLabz analysis
- Manufacturing was the target of 42% of encrypted attacks, making it the most-targeted industry
- The United States and India are the top targets of encrypted attacks
SAN JOSE, Calif., Dec. 05, 2024 (GLOBE NEWSWIRE) -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its Zscaler ThreatLabz 2024 Encrypted Attacks Report, which explores the latest threats blocked by the Zscaler security cloud and provides critical insights into how encryption has become a conduit for more sophisticated threats, further compounded by the rise of artificial intelligence (AI). ThreatLabz found that over 87% of all threats were delivered over encrypted channels between October 2023 and September 2024—a 10% increase year-over-year. The report offers strategies and best practices to help organizations tackle these covert threats.
"The rise in encrypted attacks is a real concern as a significant share of threats are now delivered over HTTPS," said Deepen Desai, Chief Security Officer, Zscaler. "With threat actors focused on exploiting encrypted channels to deliver advanced threats and exfiltrate data, organizations must implement a zero trust architecture with TLS/SSL inspection at scale. This approach helps to ensure that threats are detected and blocked effectively, while safeguarding data without compromising performance."
Encrypted malware continues to dominate
Malware accounted for 86% of encrypted attacks, totaling 27.8 billion hits—a 19% year-over-year increase. Encrypted malware includes malicious web content, malware payloads, macro-based malware, etc. This growing prevalence of malware reflects a strategic shift by attackers adapting tactics to thrive within encrypted traffic, using encryption to conceal malicious payloads and content.
According to ThreatLabz researchers, the most active malware families were:
- AsyncRAT
- Choziosi Loader/ChromeLoader
- AMOS/Atomic Stealer
- Ducktail
- Agent Tesla
- Koi Loader
The report also details notable year-over-year increases in web-based attacks, including cryptomining/cryptojacking (123%), cross-site scripting (110%) and phishing (34%), among other encrypted threats—surges that could be potentially fueled by the growing use of generative AI technologies by threat actors.
Most targeted industry verticals
Manufacturing was the most-targeted industry, accounting for 42% of encrypted attacks—nearly three times more than the second-most targeted industry, technology and communications. Attacks on the manufacturing industry grew 44% year-over-year, likely driven by rapid industry 4.0 advancements and the extensive use of interconnected systems, which have expanded the attack surface and heightened manufacturers’ vulnerability to cyber threats.
The top five most targeted industries were:
- Manufacturing
- Technology and communications
- Services
- Education
- Retail and wholesale
Countries that experience the most encrypted attacks
ThreatLabz found that the United States, India and France are the most frequently targeted nations by encrypted attacks. The U.S. and India are consistently the top two most frequently targeted, highlighting their significance as high-value targets for cybercriminals. The top five most targeted countries by encrypted attacks were:
- United States - 11B
- India - 5.4B
- France - 854M
- United Kingdom - 741M
- Australia - 672M
Stopping encrypted attacks with zero trust
Understanding how zero trust disrupts encrypted threats requires looking at a typical attack sequence. Advanced attacks often unfold in four stages:
- First, attackers conduct reconnaissance to find a way into the targeted network.
- Next, they breach the network, often via exploits, brute-force attacks or stolen credentials.
- Once inside, they move laterally, escalate privileges and establish persistence.
- Finally, they carry out their objectives, typically conducting data exfiltration to extract valuable information that can be leveraged for further extortion or attacks.
The Zscaler Zero Trust Exchange™ platform provides security controls at each stage to mitigate risk and stop encrypted threats.
A key component of the Zscaler platform’s approach is its full TLS/SSL inspection capabilities, based on an advanced proxy architecture. Zscaler advises inspecting 100% of traffic to protect users and organizations from threats concealed within encrypted channels.
Organizations can bolster their ability to protect their devices, apps and data from encrypted attacks by following these recommendations:
- Understand that any internet-facing service can be found and attacked or abused
- Inspect incoming encrypted traffic to detect and block threats
- Use a zero trust architecture to secure all connectivity holistically between users and applications, between devices like IoT and OT systems, between all locations and branch offices, between cloud workloads and more.
- Implement microsegmentation to reduce access, even for authenticated users.
- Leverage an AI-driven cloud sandbox to isolate and quarantine unknown attacks and stop patient-zero malware before it touches users.
- Reduce the number of entry points into an environment.
- Inspect outgoing northbound traffic along with incoming southbound traffic to disrupt C2 communications and protect sensitive data.
The ThreatLabz 2024 Encrypted Attacks Report provides additional insights and best practices to help organizations effectively prevent encrypted attacks. Download your copy here today.
Research Methodology
Analysis of 32.1 billion blocked threats from October 2023 to September 2024 in the Zscaler cloud shows that all blocked threats came via encrypted channels.
About ThreatLabz
ThreatLabz is the security research arm of Zscaler. This world-class team is responsible for hunting new threats and ensuring that the thousands of organizations using the global Zscaler platform are always protected. In addition to malware research and behavioral analysis, team members are involved in the research and development of new prototype modules for advanced threat protection on the Zscaler platform, and regularly conduct internal security audits to ensure that Zscaler products and infrastructure meet security compliance standards. ThreatLabz regularly publishes in-depth analyses of new and emerging threats on its portal, research.zscaler.com.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.
Media Contact:
Zscaler PR
Natalia Wodecki
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/cf6e16ce-f9d0-4b72-b7ea-1eabaad015e3