WatchGuard Technologies released its Internet Security Report for Q3 2020. Top findings from the research reveal how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing campaigns.
In Q3 of this year, a COVID-19 adware campaign running on websites used for legitimate pandemic support purposes made WatchGuard’s list of the top 10 compromised websites. WatchGuard also uncovered a phishing attack that leverages Microsoft SharePoint to host a pseudo-login page impersonating the United Nations (UN), and the email hook contained messaging around small business relief from the UN due to COVID-19. These findings further emphasize that attackers will continue to leverage the fear, uncertainty and doubt surrounding the global health crisis to entice and fool their victims.
Network attacks swelled to more than 3.3 million in Q3, representing a 90% increase over the previous quarter and the highest level in two years. Unique network attack signatures also continued on an upward trajectory, reaching a two-year high in Q3 as well. These findings highlight the fact that businesses must prioritize maintaining and strengthening protections for network-based assets and services, even as workforces become increasingly remote.
Additionally, in Q3 of this year, WatchGuard’s DNSWatch service blocked a combined 2,764,736 malicious domain connections, which translates to 499 blocked connections per organization in total. Breaking it down further, each organization would have reached 262 malware domains, 71 compromised websites, and 52 phishing campaigns. Combined with the aforementioned rise in convincing COVID-19 scams, these findings illustrate the importance of deploying DNS filtering services and user security awareness training.
“As the impact of COVID-19 continues to unfold, our threat intelligence provides key insight into how attackers are adjusting their tactics,” said Corey Nachreiner, chief technology officer at WatchGuard. “While there’s no such thing as ‘the new normal’ when it comes to security, businesses can be sure that increasing protection for both the endpoint and the network will be a priority in 2021 and beyond. It will also be important to establish a layered approach to information security, with services that can mitigate evasive and encrypted attacks, sophisticated phishing campaigns and more.”
For more on specific threats and results from the research, click here.