9,100 coronavirus-themed cyberattacks in India between Feb 2-May 2: Microsoft

Microsoft Vice President Ann Johnson says cybercriminals are taking advantage of the coronavirus pandemic, and targeting employees with phishing lures and malware.

9,100 coronavirus-themed cyberattacks in India between Feb 2-May 2: Microsoft

Tuesday May 12, 2020,

3 min Read

Cybercrooks are using COVID-19 to make ransomware and phishing attacks on people. Over 9,000 coronavirus-themed attacks were noticed in India between February 2 and May 2, according to a Microsoft executive.

"Between February 2 and May 2, we saw 9,100 total file encounters related to COVID-19 or coronavirus. It means our detection tools actually saw malware, URL, an attachment, or a phishing email using COVID-19 as a lure to get somebody to download malware to the system or potentially to give up their credentials via a phishing attack," Microsoft Corp Corporate Vice President (Cybersecurity Solutions Group) Ann Johnson told reporters on a conference call.

About 19 million such attacks were noted in Asia, she added.

"India was actually one of the lower countries or the only country that was lower (among) those we track...so, India had some pretty good controls in place," she said.

She noted that cybercriminals were taking advantage of the coronavirus outbreak, and were targeting employees with phishing lures and malware.

"That is exacerbated by the fact that workforces are now largely remote and under a lot of stress. They may not have been equipped in their homes to work remotely...we really do believe that technology needs to help our employees, customers, employees and IT professionals to navigate this crisis...We're seeing a lot of different pockets of attacks," she said.

Johnson said some ransomware attacks will start in one department of an organisation. Once the cybercriminals see they can monetise that attack, they move to another department in the organisation to really maximise the impact.

She said some of these attacks claim things like if the person clicks on the given link, they will be the first of 1,000 people to get the newest coronavirus vaccine.

"So, there's this sense of urgency that the bad actors tried to drive to because they don't want the employees to have the opportunity to go ask a colleague. They know people are working from home potentially, so they can't just walk to the next cubicle or walk down the hall, they may have to phone somebody or e-mail them, and they give this urgency around these phishing attacks that the person must respond right away," she said.

Johnson said these attacks were targeting vulnerable places like healthcare organisations, state and local government, and critical infrastructure.

She said enterprises needed to have "digital empathy" as employees were working remotely, potentially outside of the company's firewall.

Johnson said organisations should ensure that employees were given necessary tools and education, and that there were lines of communication available in case they faced any issue.

(Edited by Teja Lele Desai)