Although coronavirus-related cyberattacks received significant attention early in the pandemic, Microsoft (opens in new tab) believes the threat posed was largely overstated.
A new blog (opens in new tab) published by the Microsoft Threat Intelligence Protection Team outlines how the volume of malware threats detected worldwide did not vary significantly during the pandemic, and coronavirus malware accounted for “barely a blip" in the total volume recorded
Microsoft claims opportunistic malware and phishing attacks began after the World Health Organization (WHO) first started using the title “Covid-19” in February. These attacks peaked, however, in early March and have since settled into a consistently low cadence.
- Here's our list of the best ransomware protection services (opens in new tab) around
- Check out our list of the best malware removal software (opens in new tab) available
- We've built a list of the best identity management services (opens in new tab) out there
According to Microsoft, cybercriminals are by nature opportunists; lures change frequently and fluidly, but the underlying malware remains consistent.
During the peak of the crisis, hackers deployed bespoke attacks in each territory, attaching malware campaigns to events of specific local concern.
In the UK, for example, coronavirus malware attacks peaked after the first confirmed death and again following the FTSE 100 crash and introduction of the US travel ban.
However, while the number of coronavirus-related cyberattacks spiked at various junctures, the overall number of cyberattacks shifted little from the usual rate, suggesting cybercriminals altered planned attacks rather than launching entirely new campaigns.
“Covid-19-themed attacks are just a small percentage of the overall threats Microsoft has observed over the last four months,” reads the blog post. “Based on the overall trend of attacks it appears that the themed attacks were at the cost of other attacks in the threat environment.”
The best defence against the kinds of opportunistic, localized attacks identified over the past few months, according to Microsoft, is an emphasis on training end users how to spot phishing (opens in new tab) and social engineering attacks - as well as a commitment password best practices.
“Defender investment is best placed in cross-domain signal analysis, update deployment and users education...Investments that raise the cost of attack or lower the likelihood of success are the optimal path forward,” Microsoft noted.
- Here's our list of the best antivirus software (opens in new tab) on the market