. home.aspx

NEWS

home.aspx
   


Leveraging Threat Intelligence to Tackle Cyberthreats in Times of COVID-19

June 16, 2020 / Swati Lunge
SHARESHARESHARE

  • Each year Microsoft releases its Security Endpoint Threat Report, which offers critical insights into cyber threat vectors identified by analysing.

  • Developed countries can largely be attributed to the varying levels of technological development and cyber hygiene practices, including the extent of the usage of genuine software across the region.

  • According to the Microsoft Threat Intelligence Protection team, every country in the world has seen at least one COVID-19 themed cyber attack.


In Asia Pacific, we leverage this data to analyze local trends in the ever-evolving threat landscape. The latest report, which covered a 12-month period from January to December 2019, revealed that developing markets in the region were most challenged by ransomware and malware encounters. In contrast, the developed markets struggled with an increased volume of drive-by download attacks. Within the region, the difference between developing and developed countries can largely be attributed to the varying levels of technological development and cyber hygiene practices, including the extent of the usage of genuine software across the region.


According to the Microsoft Threat Intelligence Protection team, every country in the world has seen at least one COVID-19 themed cyber attack, and, of the millions of targeted messages we see each day, roughly 60,000 involve COVID-19 related malicious attachments or malicious URLs, including attackers impersonating established entities like the World Health Organization (WHO) and other health related oragnizations to leverage these organizations’ credibility to trick people into clicking on links in unsolicited emails.



Read more: CYBERATTACKS ON CRITICAL INFRASTRUCTURES WITNESS SHARP RISE DURING THE PANDEMIC

According to the Microsoft Threat Intelligence Protection team, every country in the world has seen at least one COVID-19 themed cyber attack, and, of the millions of targeted messages .

~ Microsoft


In 2020, however, like almost everything else, the global COVID-19 pandemic has upended the playing field, accounting for new risks and trends impacting the volume and nature of the attack vectors. Cybersecurity awareness is particularly crucial at this time, as cyber criminals have taken advantage of the global situation. With business continuity and operational resilience at stake, awareness of key cybersecurity considerations is crucial, as many organizations look at a long-term shift towards work from home.


Security has proven to be the foundation for digital empowerment in a remote workforce. Cloud-based endpoint protection technology enables employees to work when, where, and how they need to work and can allow them to use the devices and apps they find most useful to get their work done. After all, security technology is fundamentally about improving productivity and collaboration through inclusive end-user experiences.


As organizations adapt to the new reality and its cybersecurity implications, there is an equally critical, if not higher, need to educate employees so they don’t become the weakest link in the security chain.


Over the past two years, Zero Trust has emerged as a key security philosophy for businesses. COVID-19 has allowed for a real-life demonstration of why it’s important. Companies relying on traditional ideas of securing workers through “walls and moats” at the perimeter (aka firewalls) were both more susceptible to COVID-19 themed threats and were less able to meet the demands of a newly remote workforce.


Zero Trust shifted from an option to a business imperative in the first 10 days of the pandemic. The Zero Trust architecture will eventually become the industry standard, which means everyone is on a Zero Trust journey whether they know it or not. Diverse data for better threat intelligence – A blend of automated tools and human based insights are needed to identify new COVID-19 themed threats. With adversaries adding new pandemic themed lures to their phishing attacks, organizations need to bolster their security foundation with strong threat intelligence, which is derived from analyzing a diverse set of products, services and feeds from around the globe.


Read more: GOOGLE TOP CHOICE FOR CYBERCRIMINALS FOR BRAND-IMPERSONATION SPEAR-PHISHING CAMPAIGNS