Study: 91.5% of All Malware Arrives Over HTTPS-Encrypted Connections

Across Q2 2021, malware passed through encryption nine out of ten times. It's a dramatic increase over the previous quarter.

Across Q2 of 2021, 91.5% of all malware discovered had arrived across an encrypted connection, a new study has found.

In other words, standard internet security protocols are no longer enough to stop the vast majority of malicious software — something that everyone with an internet connection needs to make sure they understand.

The study, out today from security company WatchGuard Technologies, also pinpointed a few additional big trends in cyber threats: Network attacks and the ever-popular ransomware threat. Here are the biggest takeaways.

HTTPS Encryption Won’t Save You

If you’re on the internet, you likely recognize “HTTPS” from the start of most links you’ve visited. It stands for Hypertext Transfer Protocol Secure, and it means that information transmitted between your device and the website has been encrypted. But all that means is that your data can’t be compromised by a third-party intruder. The website itself can still send your malware.

And, according new data, malware is more and more frequently found on these HTTPS-encrypted sites.

“Put simply, any organization that is not examining encrypted HTTPS traffic at the perimeter is missing 9/10 of all malware,” WatchGuard says.

After all, these websites claim to be secure right there in the acronym, and that makes them the best way to deliver malware to unsuspecting victims.

Network Attacks Are Up

Network attacks are booming in Q2, with plenty of hackers attempting to access a company’s internal network. They’re up 22% over the previous quarter, which by WatchGuard’s analysis is the highest volume since three years ago in early 2018.

Q1 had almost 4.1 million network attacks, while Q2 boosted that number by another million.

A rise in this particular type of security concern may seem counterintuitive, given the pandemic-driven shift towards remote workforces over the past year and a half. But company networks are still around, and keeping up with perimeter security is more important than ever.

Ransomware Continues Growing

Ransomware detections were actually dropping in the months between 2018 and 2020, which is part of the reason why they’ve seemed to ramp up so strongly ever since. In Q2 2021, that trend continues — the quarter included one particularly high-profile case in which the Colonial Pipeline, a supplier of roughly 45% of all oil to the East Coast, was shut down temporarily.

The first half of 2021 has already seen nearly as many ransomware detections as the entirety of 2020, and WatchGuard projects that the entire year will see a volume increase that’s more than 150% up from the previous year.

As ever, businesses small and large should keep updated on the latest security technologies, from VPNs all the way up to the top remote access software available. And whatever you do, don’t trust a website just because it has the HTTPS stamp of approval.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Adam is a writer at and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is's top-rated VPN service See Deals