India is the second most targeted country for encrypted attacks globally, with 5.2 billion attacks, according to Zscaler’s ThreatLabz 2024 Encrypted Attacks Report. The US had 11 billion attacks, France 854 million, the UK 741 million and Australia 672 million. The report shows a 10% year-over-year global increase in attacks delivered via encrypted channels, with 87% of all attacks now using encryption to hide.
The report shows a worrying rise in encrypted malware, which accounted for 86% of all encrypted attacks globally with 27.8 billion hits, a 19% year-over-year increase. Encrypted malware includes malicious web content, macro-based payloads and advanced attack tools, reflecting a tactical shift among cybercriminals. The most active malware families globally were AsyncRAT, Choziosi Loader, AMOS/Atomic Stealer, Ducktail, Agent Tesla and Koi Loader.
India saw a huge surge in web-based attacks, with cross-site scripting up 79.39% and browser exploits up 172.81%. Malware, phishing and spyware sites were the top contributors to India’s encrypted threats; malware alone accounted for 97%. Cryptomining and cryptojacking declined 8.67% and phishing attacks fell 3.80%, possibly a sign of evolving tactics among threat actors, fueled by the use of generative AI technologies.
The manufacturing sector in India was the most affected, with a 170.88% year-over-year increase in encrypted attacks. This is due to the rapid pace of Industry 4.0 and the increasing interconnectedness of systems, which has expanded the attack surface. Technology and communication was the second most targeted sector, with 32.6% of all attacks, followed by finance, insurance, retail and wholesale, showing the wide range of industries affected.
Zscaler’s Chief Security Officer, Deepen Desai, said, “Organizations need to adopt Zero Trust Architecture to detect and mitigate threats hidden in encrypted traffic. They need to implement TLS/SSL inspection at scale to protect the data without compromising the performance.” Suvabrata Sinha, Zscaler India’s CISO-in-Residence, said, “Indian organizations need to prioritize zero trust frameworks, inspect 100% of the traffic and invest in robust security to counter the relentless cyber attacks.”
To counter these threats, the report suggests several key strategies: inspect both incoming and outgoing encrypted traffic, use microsegmentation to limit access, and use AI-driven tools such as cloud sandboxes to isolate unknown threats. Organizations should reduce the entry points into their networks and monitor northbound and southbound traffic to disrupt command-and-control (C2) communications and prevent data exfiltration.
In summary, Zscaler’s report is a wake-up call about the growing cyber threat landscape in India, where encrypted attacks are on the rise. As India continues to go digital, zero trust and advanced security will be key to mitigating the risks and securing the growing digital infrastructure.