VPNFilter Detector Basic is is a turn-key content package for ArcSight that helps detect VPNFilter malware activities in your network. This malware infected at least 500,000  routers in at least 54 countries. The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment.  Some network-attached storage devices known to have been targeted as well. VPNFilter can steal website credentials, monitor Modbus SCADA protocols and has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.