GROUP NO 9

SN NAME REG NUMBER

1 SAHANI, DAUD SAMWELY EPIT/D/2020/0013

2 EDWARD, PAULO JAMES EIM/D/2020/0009

3 NHEMANJI, DEMILA AZALIA EIM/E/2020/0036

4 JOJO, SAGUDA M. EIM/D/2020/00035

 ENCRYPTED ATTACK
 Encrypted attack typically refers to the type of attack that targets encrypted

communication channels or exploits vulnerabilities in encryption protocols

and algorithms.

 Encrypted attack happens when attackers try to exploit the weaknesses in

encryption implementations or leverage other methods to compromise

encrypted system.
 ENCRYPTED ATTACK…
 It is believed that encryption process protect the safety, confidentiality and

authenticity of what ever we share through different communication channels

but present days Criminals are equipped with advanced tools and better

techniques in such a way that attackers can misuse the encrypted system and

steal the data that through encryption are believed to be confidential.

 Criminal use very same encryption that was meant to deter them from stealing

your data, to launch a cyberattack while being undetected.

 ENCRYPTED ATTACK…
 Attackers alter the encrypted text to embed malware into them or steal the

private key used for encoding and decoding the information, what

attackers do is just to find weakness in the encrypted system . They look

for something amiss in code, cipher text, or the private key and use that

weakness to violence your network security.

SONICWALL CYBER THREAT REPORT
2023

 KEY FINDING: ENCRYPTED ATTACKS FALL 28%

 Encrypted Attacks Fall 28%
 In 2022, SonicWall Capture Labs threat researchers recorded 7.3 million encrypted

attacks, down from 10.1 million in 2021.

 But in 2022, the total was closer to last year’s record high than to the volumes seen in

2019 (3.7 million) and 2020 (3.8 million).

 But while a 28% decrease is somewhat modest compared with some of the movement

we’ve seen elsewhere, it hides a great deal of regional variation.

 REGIONAL VARIATION

 In Asia, attack volumes fell dramatically in 2022, dropping 85% year over

year. For most of the year, LATAM appeared to be going the same

direction.

 By November, attack volumes for 2022 were less than half that seen in

2021.
 REGIONAL VARIATION
 But then December came, bringing with it more than twice the number of
attacks that LATAM recorded in the other 11 months combined. This late-
year was enough to singlehandedly push encrypted attacks in the region
from a 62% year-over-year decrease to a 29% increase. While it lacked the
volatility seen in other regions, double digit movement was also seen in
North America and Europe, which experienced a drop of 39% and an
increase of 22%, respectively
TRENDING OF REGIONAL VARIATION
 Encrypted Attacks by Industry

 For the industries studied, the news ranged from good, to bad, to worse.

Retail and finance received a welcome reprieve from encrypted attacks,

with attack volumes for these industries falling 79% and 45%,

respectively. In contrast, healthcare saw a 35% jump in malware attacks

over HTTPs — but this was small compared with what was experienced

by customers in education and healthcare.

 Encrypted Attacks by Industry
 Both of these industries experienced triple-digit attack volume increases,
with attacks on education rising 411% and attacks on government spiking
887%. The huge increase in attacks on government organizations can also
be observed in the per-customer data. Government was the only industry
studied to see a year-over-year increase in the average percentage of
customers targeted. This increase pushed it above education, the industry
that saw the most attacks per customer in 2021.
% of Customers Targeted by Malware Over HTTPs in
2022
 What Are Encrypted Threats?
 Put simply, TLS (Transport Layer Security) is used to create an encrypted

tunnel for securing data over an internet connection. While TLS provides

security benefits for web sessions and internet communication, this

encryption protocol is also increasingly used by cybercriminals who want

to hide malware, ransomware, zero-day attacks and more.

 What Are Encrypted Threats?

 Legacy firewalls and other traditional security controls lack the capability

or processing power required to detect, inspect and mitigate cyberattacks

sent via HTTPs traffic, making this a highly successful avenue for skilled

threat actors to deploy and execute malware.

POSSIBLE MEASURES FOR PREVENTION

1. Advancements in cybersecurity technologies: The continuous development

of robust encryption algorithms and security protocols can make it more

challenging for attackers to exploit vulnerabilities in encrypted systems.

 As encryption techniques evolve, it becomes more difficult for attackers to

decrypt or bypass security measures, reducing the effectiveness of their

attacks.
POSSIBLE MEASURES FOR PREVENTION

2. Improved detection and prevention mechanisms: Organizations and security

professionals are continually enhancing their detection and prevention mechanisms to

identify and block encrypted attacks. Advanced threat intelligence systems, intrusion

detection systems (IDS), and security information and event management (SIEM)

solutions are designed to detect suspicious activities and patterns in encrypted traffic.

These technologies can help identify and block potential threats, reducing the success rate

of encrypted attacks.
POSSIBLE MEASURES FOR PREVENTION

3. Enhanced security awareness and training: Increased awareness of cybersecurity

threats among individuals and organizations can lead to better preparedness and

proactive measures. Organizations invest in security training programs for their

employees, teaching them about the risks associated with encrypted attacks and how

to identify and report suspicious activities. This heightened awareness can result in

improved security practices and a reduced likelihood of falling victim to encrypted

attacks.
POSSIBLE MEASURES FOR PREVENTION

4.Collaboration and information sharing: Cybersecurity communities, industry

groups, and government organizations promote information sharing and

collaboration to address the evolving threat landscape. By sharing insights,

attack patterns, and countermeasures, security professionals can stay one step

ahead of attackers. Such collaborations help in developing effective strategies

and countermeasures to mitigate encrypted attacks.

POSSIBLE MEASURES FOR PREVENTION

5.Strengthened encryption practices: Organizations have recognized the

importance of strong encryption practices and have implemented robust

encryption algorithms and protocols to secure their systems and

communications. By adopting industry best practices, such as using strong

encryption keys and regularly updating encryption protocols, organizations can

minimize the vulnerabilities that attackers can exploit.

CONCLUSION

 It's important to note that despite the decline in encrypted attacks, cyber

threats continue to evolve, and attackers often adapt their tactics. It

remains crucial for organizations to maintain vigilance, regularly update

their security measures, and stay informed about emerging threats to

ensure ongoing protection against encrypted attacks and other

cybersecurity risks.