More Than 90% of Q2 Malware Was Hidden in Encrypted Traffic


Organizations that have not implemented controls for detecting malware hidden in encrypted network traffic risk letting the vast majority of malicious tools distributed in the wild reach their endpoint devices.

A study of threat activity conducted by WatchGuard Technologies using anonymized data gathered from customer networks showed 91.5% of malware detections in the second quarter of 2021 involved malware arriving over HTTPS-encrypted connections. Only 20% of organizations currently have mechanisms for decrypting and scanning HTTPS traffic for malware, meaning the remaining 80% are at risk of missing nine-tenths of the malware hitting their networks daily, WatchGuard said.

Corey Nachreiner, chief security officer at WatchGuard, says one reason more organizations have not enabled network-based HTTPS decryption controls is the perceived, and somewhat real, complexity of this setup.

“[For] man-in-the-middle decryption to work without messing up the sanctity of the HTTPS certificates that secure that traffic, you have to set up an intermediate
