With the turn of the new year, COVID-19 has changed the landscape and remains the top-of-mind concern for individuals, organizations, and governments around the world.

Developing markets in Asia Pacific challenged by ransomware and malware encounters, while developed markets struggled with increased drive-by download attack volumes: Microsoft Security Endpoint Threat Report 2019

Since the outbreak, Microsoft Intelligence Protection team’s data has shown that every country in the world has seen at least one COVID-19 themed attack, and the volume of successful attacks in outbreak-hit countries seems to be increasing, as fear and the desire for information grows.

Of the millions of targeted phishing messages seen globally each day, roughly 60,000 include COVID-19 related malicious attachments or malicious URLs. Attackers are impersonating established entities like the World Health Organization (WHO), Centers for Disease Control and Prevention (CDC), and the Department of Health to get into inboxes.

Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Microsoft Asia further explained, “According to our data, we found that COVID-19 themed threats are mostly rethreads of existing attacks that have been slightly altered to tie to the pandemic.

This means that attackers have been pivoting their existing infrastructure, like ransomware, phishing, and other malware delivery tools, to include COVID-19 keywords, to capitalize on people’s fear. Once users click on these malicious links, attackers can infiltrate networks, steal information and monetize their attacks.

Mary Jo Schrade, Assistant General Counsel, Microsoft Digital Crimes Unit, Microsoft Asia.

Businesses and individuals have a crucial role to play in navigating cyberspace securely and are encouraged to take the following steps:

Guidance for businesses:

  • Have strong tools to safeguard employees and infrastructure. This means looking into multi-layered defense systems and turning on multi-factor authentication (MFA) as employees work from home. Additionally, enable endpoint protection and protect against shadow IT and unsanctioned app usage with solutions like Microsoft Cloud App Security
  • Ensure employee guidelines are communicated clearly to employees. This includes information on how to identify phishing attempts, distinguishing between official communications and suspicious messages that violate company policy, and where these can be reported internally
  • Choose a trusted application for audio/video calling and file sharing that ensures end-to-end encryption

Guidance for individuals:

  • Update all devices with the latest security updates and use an antivirus or anti-malware service. For Windows 10 devices, Microsoft Defender Antivirus is a free built-in service enabled through settings
  • Be alert to links and attachments, especially from unknown senders
  • Use multi-factor authentication (MFA) on all accounts. Now, most online services provide a way to use your mobile device or other methods to protect your accounts in this way
  • Get educated on how to recognize phishing attempts and report suspected encounters, including watching out for spelling and bad grammar, and suspicious links and attachments from people you do not know

For more information on the findings published on the Microsoft Security Intelligence website, please visit: https://www.microsoft.com/securityinsights

About the author

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sign Up for Our Newsletter

Get notified of our weekly selection of news

You May Also Like

New investment makes LINE MAN Wongnai Thailand’s largest tech startup

LINE MAN Wongnai was established in 2020 from the merger of LINE MAN, Thailand’s No. 1 on-demand assistant app, and Wongnai, a restaurant review platform. The company aims to be the most innovative e-commerce platform for services in Thailand

What shifting supply chains for semiconductors mean for Emerging markets in South-East Asia

The manufacturing of semiconductors is dominated by three countries – China, South Korea and Taiwan – which accounted for 87% of the global market in 2021.

Thailand’s Report of Cybercrime Crackdown in 2022

166 suspects from eight foreign call center gangs were arrested, while 58,463 bank accounts and 118,530 phone lines were discovered to be used for illegal operations and were frozen by authorities