WatchGuard: Hackers Target Corporate Networks Despite Shift to Remote Work

Despite the shift to remote work, hackers continue to aggressively target corporate networks. Moreover, the rise of COVID-19-related malicious domains and phishing campaigns continues, WatchGuard said in its recent Internet Security Report for Q3 2020.

Key findings from the report include:

Network attacks. These rose by 90% from Q2 to 3.3 million, the highest level in two years. Unique network attack signatures also hit a two-year high in Q3. Takeaway: Businesses must prioritize maintaining and strengthening protections for network-based assets and services even as workforces become increasingly remote.

COVID-19. In Q3, a COVID-19 adware campaign running on websites used for legitimate pandemic support made WatchGuard’s list of the top 10 compromised websites. WatchGuard also uncovered a phishing attack that hosted a bogus login page and used an email lure about small business COVID-19 relief from the United Nations. Takeaway: Attackers will continue to exploit fear, uncertainty, and doubt from the pandemic to victimize organizations.

Phishing attacks and malicious links. In Q3, WatchGuard’s DNSWatch service blocked a combined 2.8 million malicious domain connections, or roughly 500 blocked connections per organization in total. Takeaway: A closer look shows that each organization would have reached 262 malware domains, 71 compromised websites, and 52 phishing campaigns.

Industrial control systems. In Q3, attackers exploited a previously patched authentication bypass vulnerability in a popular supervisory control and data acquisition (SCADA) control system. Takeaway: Attackers targeted nearly 50% of U.S. networks with SCADA threats in Q3, a sign that bad actors could focus on industrial control systems in 2021.

LokiBot lookalike. Farelt, a password stealer that resembles LokiBot, was one of the most widespread malware detections in Q3. It’s not clear whether the Farelt botnet uses the same command-and-control structure as LokiBot, but it’s likely the SilverTerrier malware group created both malware variants. Takeaway: WatchGuard found solid evidence that Farelt has likely targeted many more victims than the data shows.

Emotet. The infamous banking…