
91.5% of Undetected Malware Landed Over Encrypted Connections

Malware is getting guileful and landing undetected over encrypted connections.


IT administrators are having sleepless nights as threat perimeters keep trending north and attack vectors grow more guileful at evading detection. In its Q2 2021 Internet Security Report, WatchGuard Technologies detailed the trends it observed in network security, including malware getting shiftier at evading detection. The report revealed that 91.5% of malware arrived over HTTPS-encrypted connections.

The report shares insights on the staggering rise in fileless malware threats, the growth in ransomware, and a significant surge in network attacks. According to the report, total perimeter malware detections in Q2 decreased by 4% to 16.6 million, despite a small 1% increase in the number of Fireboxes reporting threat intelligence data.

Key Findings

  • Malware variants XML.JSLoader and AMSI.Disable.A constituted over 90% of malware detections over secure web connections and 12% of Gateway AntiVirus detections. This malware family uses PowerShell tools to exploit vulnerabilities in Windows.
  • There was a 9-point dip in zero-day malware from an all-time high in the last quarter. In spite of the dip, it continued to represent 64.1% of detected malware attacks.
  • 2 million network exploits were detected by the Fireboxes' Intrusion Prevention Service (IPS) in Q2, a 22.3% increase over past quarters.
  • Geographically, North and South America (AMER) were most attacked, averaging 1,744 IPS hits per Firebox. Europe, the Middle East and Africa (EMEA) followed with 764 hits per device, and the Asia Pacific (APAC) recorded 316 hits per device.

Protective Action

The report recommends a few strategies for taking a protective approach and curtailing attacks in the next quarter.

  • Deploy an Endpoint Detection & Response (EDR) Safety Net
  • Shore Up the Holes in Your Remote Access
  • Create, Update, or Test your BC/DR Plan

As more reports emerge about the innovative techniques threat actors are deploying to go undetected and evade malware analysis, visible unrest is growing among IT heads and administrators. A well-defined approach is needed to tackle the menace at hand, as there is a long, winding path ahead before organizations regain some sense of normalcy and security in their work patterns.