2020 State of

Encrypted Attacks
No SSL Inspection, No Threat Protection

Zscaler’s ThreatLabZ team analyzed threats delivered

over encrypted internet traffic in 2020.

Read the Report

SSL-encrypted traffic on the rise

Up to 80% of internet traffic is SSL encrypted

Percentage
Percentage ofof Encryptedtraffic
encrypted Traffic seen across
across industrydifferent Industry Verticals
verticals
100 EDUCATION
FINANCE INSURANCE
GOVERNMENT
HEALTH CARE
75
Percentage of Encrypted Traffic seen across different Industry Verticals
MANUFACTURING
OTHERS
RETAIL WHOLESALE
100 EDUCATION
SERVICES
50 FINANCE INSURANCE
TECHNOLOGY COMMUNICATION
GOVERNMENT
HEALTH CARE
75
MANUFACTURING
25
OTHERS
RETAIL WHOLESALE
SERVICES
50
TECHNOLOGY COMMUNICATION
0
JAN FEB MAR APR MAY JUN JUL AUG SEP
2020 2020 2020 2020 2020 2020 2020 2020 2020
25

260%
JAN
2020
FEB
2020
MAR
2020

Increase in SSL threat volume

APR
2020
MAY
2020
JUN
2020
JUL
2020 30%
AUG
2020
SEP
2020

Of SSL threats start from

500%
Increase in ransomware over SSL
cloud-based file-sharing services

“ Cybercriminals are not making any ethical exceptions,

even during the COVID pandemic, as they continue to
indiscriminately target the healthcare industry with
advanced threats over encrypted channels.

Cybercriminals Malware blocked over

encrypted channels by industry
capitalize on
COVID-19 25.5%
HEALTHCARE: 25.5%

FINANCE/INSURANCE: 18.3%
HEALTHCARE
Healthcare industry takes the MANUFACTURING: 17.4%

brunt of SSL-encrypted threats GOVERNMENT: 14.3%

SERVICES: 11.0%

TECHNOLOGY: 6.3%

RETAIL/WHOLESALE: 3.5%

EDUCATION: 2.4%

OTHER: 2.3%

Advanced threats blocked over TLS/SSL

from top cloud storage services Hackers abuse
500,000,000
file-sharing services
Steady growth of attacks aimed at Google
400,000,000 Drive, OneDrive, AWS, and Dropbox

300,000,000

200,000,000

100,000,000

0
MAR APR MAY JUN JUL AUG SEP

Misspellings can be costly

Domain squatting and homograph attacks dominate SSL threat landscape

These images are malicious

replicas of legitimate webpages.
Cybercriminals use popular brands to lure
the unsuspecting user with a fake website to
steal login credentials, PII, and financial
information, and execute malware.

Corporate brands and functions

Microsoft: 36%
most frequently phished
Tech Support: 17%
PayPal: 15%
Microsoft: 36% Webmail: 12%
Tech Support: 17% Google: 10%
PayPal: 15% OneDrive: 10%
Webmail: 12%
Google: 10%
OneDrive: 10%
Microsoft: 36%
Tech Support: 17%
PayPal: 15%
Zscaler’s global threat research team, ThreatLabZ,
Webmail: 12% analyzed more than 6.6 billion sessions
for its annual “State of Encrypted Attacks” report. Threats hidden in SSL-encrypted traffic Read the Report
Google: 10%
are on the rise, and security teams must recognize that encrypted traffic does not mean safe
OneDrive:
traffic any more. As this attack vector grows,10%
so does the need to inspect all SSL traffic.

Research ©2020 ThreatLabZ. All rights reserved. Zscaler™, Zscaler Internet Access™, ZIA™, Zscaler Private Access™, and ZPA™ are either (i) registered trademarks or service marks
or (ii) trademarks or service marks of Zscaler, Inc. in the United States and/or other countries. Any other trademarks are the properties of their respective owners. V.11.10.20
zscaler.com