Microsoft unveiled its Asia Pacific findings from its latest Security Endpoint Threat Report for 2019, which shared that cybercriminals are making 60,000 COVID-19 themed phishing attempts daily. High profile attacks aimed at New Zealand showed that they were one of the least targeted countries in the region in terms of attacks, with recent ones showing the need to remain vigilant regardless of fewer cases.
"The Microsoft Security Endpoint Threat report aims to create a better understanding of the evolving threat landscape and help organizations improve their cybersecurity posture by mitigating the effects of increasingly sophisticated attacks," shared Russell Craig, National Technology Officer for Microsoft's New Zealand branch.
The findings were taken from an analysis of diverse Microsoft data sources, including 8 trillion threat signals Microsoft received during 2019. The COVID-19 pandemic changed things, as it remains a concern for a lot of individuals and organizations on a global scale. Since the beginning of the pandemic, Microsoft's Intelligence Protection team's data showed that every county in the world had seen a minimum of one COVID-19 themed attack, with the volume of successful attacks on the rise the need for information and fears escalated over the past few months.
This Week In Malware Ep 11: Hackers Thrive on Covid-19 Themed Ransomware & Malware Attacks
Out of the millions of phishing attempts seen on a global scale, about 60 thousand included the COVID-19 theme with malicious attachments or URLs. Attackers often impersonate the World Health Organization (WHO), the Centers for Disease Control and Prevention (CDC), or other health organizations to manipulate potential victims into sharing personal information.
Most COVID-19 Phishing is Slightly Altered Rethreads
The majority of phishing scams are more or fewer remixes of previous ones, slightly altered to tie in with the ongoing pandemic. The attackers adapt their existing infrastructure, such as phishing, ransomware, and malware, to include COVID-19 keywords, preying on people's fears. There is good news for New Zealand, who registered the second-lowest malware rate across the entire region, with a 1.24% in 2019, a 39% decrease over last year. They also registered an all-time low ransomware record of 0.01% and the least drive-by download attacks. Even more encouraging is that after registering the 11th highest cryptocurrency mining encounter rate in the region in 2019, New Zealand attacks have fallen by 80% over the previous year. The fall in activity may be explained with the fluctuating value of cryptocurrencies, and the increased time it takes to generate, which forces criminals to move on to other options.
New Zealand's Computer Emergency Response Team (CERT) reported that recent attacks were affecting businesses operating in New Zealand, specifically Lion, Fisher and Paykel, BlueScope Steel, Toll Group, and Honda. Companies need to remain vigilant, especially remotely working as a measure against the pandemic.
How Can Businesses Guard against COVID-19-Themed Cybercrimes?
- Having strong tools to protect employees and infrastructure, with multi-layered defenses and Multi-Factor Authentication (MFA) for employees working remotely. Enabling endpoint protection against unsanctioned app usage is also necessary.
- Ensuring employee guidelines are communicated without complications to employees. That includes information used to identify phishing attempts, as well as understanding the difference between official communications and fake messages meant to compromise company security, reporting such suspicious messages internally.
- Choosing a trusted application for audio and video calls and file sharing, one with proven end-to-end encryption.
What Can Individual Users Do?
- Updating all devices with the latest security updates and using antimalware services at all times.
- Be watchful of links and attachments from unknown senders that may carry malware or scams.
- Use Multi-Factor Authentication (MFA) on all your accounts. Most services provide mobile device authentication methods to protect accounts from intrusions.
- Learning how to recognize phishing attempts and to report suspected encounters includes being on the lookout for suspicious links and attachments.