In the past few months, cybercriminals have been using the corona virus pandemic to stop a Series of attacks on individuals and companies with a COVID-19 angle. To address these threats, Microsoft has deployed its threat intelligence as an open source solution to help the security community develop protection solutions for users.
The company already provides protection for customers using Microsoft Threat Protection (MTP) with products such as Microsoft Defender against attacks with corona virus motifs. However, now it is open sourcing knowledge for people who may not be protected by MTP. As part of the announcement, Microsoft has released new indicators to detect these attacks.
For its enterprise customers using Azure Sentinel, a cloud-based enterprise security analytics tool, the Seattle-based company has provided a led notebook that security teams can use to protect themselves from attacks. Microsoft also makes the threat data available to every company that uses it Malware Information Sharing Platform (MISP), an open source platform for threat information.
The company stated that this indicator list is created by processing billions of signals daily across cloud services, applications, and emails:
Microsoft processes trillions of signals every day across identities, endpoints, clouds, applications and emails. This gives you insight into a multitude of COVID-19 attacks and can detect, protect and react to them across our entire security stack.
The campaign that Trickbot shipped last week now uses Dofoil (also known as SmokeLoader), the notorious malware installer. Using the same “free COVID-19 test” bait, attackers started changing attachments late last week, with an upgrade: malicious documents that use the VBA stomping trick pic.twitter.com/WoaQq8Yvha
– Microsoft Security Intelligence (@MsftSecIntel) April 22, 2020
A recent BitDefender report indicates that cyber attacks on malware and ransomware in healthcare have increased significantly in the past three months compared to last year.
In another report, cyber security company Nuspire said that phishing attacks have increased by 171% in the past three months. Many of these incidents indicate that cybercriminals are developing threats around COVID-19 testing, Cards, Government notificationsand stimulus packages.
Hopefully the data from Microsoft security researchers will help to develop solutions that can effectively counter corona virus attacks.
Read our daily coverage of how the tech industry is responding to the coronavirus and subscribe to our weekly Coronavirus in Context newsletter.
For tips and tricks on working remotely, see our Growth Quarters articles here or follow us Twitter.