Coronavirus-themed cyberattacks on decline, Microsoft says

microsoft
(Image credit: Paolo Bona / Shutterstock.com)

It’s no secret or surprise that cybercrooks have taken advantage of the global coronavirus pandemic, but new research from Microsoft has given a greater glimpse into their behaviour.

Microsoft said that cybercriminals exploitation of the coronavirus crisis peaked in early March, but steeply dropped off after that, reaching a steady baseline in early April.

According to insight from Microsoft's Threat Protection Intelligence Team, cyber criminals began launching opportunistic campaigns once the World Health Organization revealed the  Covid-19 pandemic on February 11. 

"The week following that declaration saw these attacks increase eleven-fold," the report said. 

"While this was below two percent of overall attacks Microsoft saw each month, it was clear that cybercriminals wanted to exploit the situation," the report added. "People around the world were becoming aware of the outbreak and were actively seeking information and solutions to combat it.”

Adapting to chaos

When many countries around the globe began introducing lockdown measures to curb the disease’s spread at the beginning of March, Microsoft said the number of Covid-19 attacks peaked at that point.

Although online crooks have been leveraging the global pandemic to launch effective attacks, the firm said the overall trend of malware detections worldwide, coronavirus-related or not, did not vary significantly during this time and was a blip in the total volume of threats we typically see in a month.

Interestingly, hackers didn’t reinvent the wheel when it came to deploying attacks during this period. 

The report says: “Looking through Microsoft’s broad threat intelligence on endpoints, email and data, identities, and apps, we concluded that this surge of Covid-19 themed attacks was really a repurposing from known attackers using existing infrastructure and malware with new lures.”

Calling the attacks "opportunistic," Microsoft said they targeted key industries -- as well as people working to tackle the pandemic -- and preyed on people’s concern, confusion and desire for resolution.

"Cybercriminals are adaptable and always looking for the best and easiest ways to gain new victims. Commodity malware attacks, in particular, are looking for the biggest risk-versus-reward payouts," explained Microsoft.

“The industry sometimes focuses heavily on advanced attacks that exploit zero-day vulnerabilities, but every day the bigger risk for more people is being tricked into running unknown programs or Trojanized documents.”

Leveraging regional news

In the report, researchers focused on the US, UK and South Korea. All three countries saw Covid-19 attacks peak concurrently, but the perpetrators tailored their attacks to headlines in different parts of the world. 

For example, in the UK, attacks surged after the first coronavirus fatality was announced, and again when Prime Minister Boris Johnson ended up in intensive care with the virus.

Microsoft added: “Organizations should further improve security posture by educating end users about spotting phishing and social engineering attacks and practising credential hygiene.”

  • Read more: Get the best business VPNs for your firm and employees
TOPICS

Nicholas Fearn is a freelance technology journalist and copywriter from the Welsh valleys. His work has appeared in publications such as the FT, the Independent, the Daily Telegraph, The Next Web, T3, Android Central, Computer Weekly, and many others. He also happens to be a diehard Mariah Carey fan!

Latest in Online Security
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Green skull on smartphone screen.
Malicious Android apps with 60 million installs bombarding phones with ads and phishing attacks — how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
An FBI agent typing on a computer
FBI issues warning to millions of Americans to avoid these websites that can steal your passwords and banking info
How to delete TikTok
TikTok has rolled out a vital new security feature — here's how to use it
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Thursday, March 20 (#648)
A phone with the Plex logo in front of an out-of-focus background of movie posters
Yikes! Plex is getting a price hike and this key feature is going behind a pay wall
back of Iris Pixel 9a
Google Pixel 9a pre-orders delayed due to 'component quality issue' — here's when you can get one
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Sony A95K QD-OLED TV in front of windows in a living room
This new TV breakthrough looks like a game-changer for OLED TVs
Apple iPhone 16 & 16 Plus hands-on.
Forget USB-C — a truly portless iPhone just got the all-clear from the EU