Content, Content

Q3 Internet Security Report: Equifax Vulnerability a Top Network Attack

Malware and network attack volume is increasing, according to the "Internet Security Report for Q3 2019" from network security company WatchGuard Technologies.

Key findings from WatchGuard's report included:

  • There was a 60 percent year-over-year increase and 4 percent quarter-over-quarter increase in overall volume of malware detected in 3Q19.
  • Approximately 42 percent of malware attacks were aimed at North, Central and South America.
  • Nearly 2.4 million network attacks were recorded on WatchGuard Fireboxes.

In addition, the Apache Struts 2 Remote Code Execution vulnerability ranked among the most popular network attacks in 3Q19, WatchGuard indicated. Cybercriminals previously used this vulnerability during the Equifax data breach.

How to Guard Against Malware and Network Attacks

Executive-level tactics are now necessary to guard against malware and network attacks, WatchGuard indicated. Fortunately, organizations can use the following tactics to limit the risk of data breaches caused by these attacks:

  • Perform internal and external software patching. Update internal and external software to combat network attacks and eliminate internal exploits that cybercriminals can use for lateral movement within networks.
  • Remove Flash Player. Adobe Flash Player is no longer a requirement for most websites, and as such, can be removed. For organizations that keep Flash Player, they should download software patches regularly.
  • Monitor digital certificates. Pay attention whenever anyone is trying to add a digital certificate to a browser and computer's certificate store and do not install unauthorized external certificates.
  • Use advanced malware protection. Deploy advanced malware solutions that go beyond signature-based protection.
  • Leverage multi-factor authentication (MFA). Require employees to use MFA to log in to their computers and provide access portals that make it easy to use MFA every day.

MSSPs can help organizations secure their data and systems against malware and network attacks, too. By working with an MSSP, an organization can explore ways to improve its security posture and minimize the risk of cyberattacks that lead to data breaches.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.