WatchGuard Technologies’ latest quarterly Internet Security Report laid out the most pressing security trends and malware threats impacting the digital universe. The document also specified the cutting-edge endpoint intelligence strategies that have been developed to combat them.
The insights were quite alarming. Perhaps most disturbing, the research found that over 91 percent of the identified malware was transmitted over HTTPS-encrypted connections. Additionally, incidences of ransomware, attacks against networks, and script-based or fileless malware threats skyrocketed during the relevant three-month period.
The lessons are clear for organizations of all sizes. Most notably, businesses need to actively work to guard their digital perimeters against potentially contaminated HTTPS traffic. Specifically, bad actors are using PowerShell tools to slip through perimeter protections by exploiting weaknesses in Windows software, making it more important than ever to regularly install the latest security patches.
Security-conscious companies must continue to guard against tried-and-true strategies such as phishing, especially now that workers are beginning to resume pre-pandemic work habits and locations. This trend underscores the importance of creating and maintaining an environment of security awareness and accountability among staff members at all levels.
Finally, companies should embrace modern detection technologies like machine learning and behavioral analysis. With these tools in a business’s arsenal, its cybersecurity team can home in on red flags and intercept potential attacks before they even happen.
What has made organizations so vulnerable to malware hidden in HTTPS traffic? According to Corey Nachreiner, the chief security officer at WatchGuard, the problem lies in the relative complexity involved in setting up network-based HTTP decryption controls.
For the configuration to work, it is necessary to place a root or intermediate CA certificate as part of the official certification verification process. Although taking this step can require a good amount of learning and initial effort, the result is an exponentially safer digital perimeter that is much more likely to repel dangerous malware attacks of all types.
