Across Q2 of 2021, 91.5% of all malware discovered had arrived across an encrypted connection, a new study has found.
In other words, standard internet security protocols are no longer enough to stop the vast majority of malicious software — something that everyone with an internet connection needs to make sure they understand.
The study, out today from security company WatchGuard Technologies, also pinpointed a few additional big trends in cyber threats: Network attacks and the ever-popular ransomware threat. Here are the biggest takeaways.
HTTPS Encryption Won’t Save You
If you’re on the internet, you likely recognize “HTTPS” from the start of most links you’ve visited. It stands for Hypertext Transfer Protocol Secure, and it means that information transmitted between your device and the website has been encrypted. But all that means is that your data can’t be compromised by a third-party intruder. The website itself can still send your malware.
And, according new data, malware is more and more frequently found on these HTTPS-encrypted sites.
“Put simply, any organization that is not examining encrypted HTTPS traffic at the perimeter is missing 9/10 of all malware,” WatchGuard says.
After all, these websites claim to be secure right there in the acronym, and that makes them the best way to deliver malware to unsuspecting victims.
Network Attacks Are Up
Network attacks are booming in Q2, with plenty of hackers attempting to access a company’s internal network. They’re up 22% over the previous quarter, which by WatchGuard’s analysis is the highest volume since three years ago in early 2018.
Q1 had almost 4.1 million network attacks, while Q2 boosted that number by another million.
A rise in this particular type of security concern may seem counterintuitive, given the pandemic-driven shift towards remote workforces over the past year and a half. But company networks are still around, and keeping up with perimeter security is more important than ever.
Ransomware Continues Growing
Ransomware detections were actually dropping in the months between 2018 and 2020, which is part of the reason why they’ve seemed to ramp up so strongly ever since. In Q2 2021, that trend continues — the quarter included one particularly high-profile case in which the Colonial Pipeline, a supplier of roughly 45% of all oil to the East Coast, was shut down temporarily.
The first half of 2021 has already seen nearly as many ransomware detections as the entirety of 2020, and WatchGuard projects that the entire year will see a volume increase that’s more than 150% up from the previous year.
As ever, businesses small and large should keep updated on the latest security technologies, from VPNs all the way up to the top remote access software available. And whatever you do, don’t trust a website just because it has the HTTPS stamp of approval.
