9,100 coronavirus-themed cyberattacks witnessed in India between Feb 2-May 2: Microsoft

Cybercrooks are using COVID-19 to make ransomware and phishing attacks on people, and over 9,000 coronavirus-themed attacks were noticed in India between February 2 and May 2, according to a Microsoft executive.

"Between February 2 and May 2, we saw 9,100 total file encounters related to COVID-19 or coronavirus. It means our detection tools actually saw malware or URL or an attachment or a phishing email that was using COVID-19 as a lure to get somebody to download malware to the system or potentially to give up their credentials via a phishing attack," Microsoft Corp Corporate Vice President (Cybersecurity Solutions Group) Ann Johnson told reporters on a conference call.

About 19 million such attacks were noted in Asia, she added.

"India was actually one of the lower countries or the only country that was lower (among) those we track was Australia so. So, India had some pretty good controls in place," she said.

She noted that cybercriminals are taking advantage of the coronavirus outbreak, and are targeting employees with phishing lures and malware.

"That is exacerbated by the fact that workforces are now largely remote and under a lot of stress. They may not have been equipped in their homes to work remotely...we really do believe that technology needs to help our employees, customers, employees and IT professionals to navigate this crisis...We're seeing a lot of different pockets of attacks," she said.

Johnson said some ransomware attacks will start in one department of an organisation. Once the cybercriminals see they can monetise that attack, they move to another department in the organisation to really maximise the impact.

She said some of these attacks will claim things like if the person clicks on the given link, they will be the first of 1,000 people to get the newest coronavirus vaccine.

"So, there's this sense of urgency that the bad actors tried to drive to because they don't want the employees to have the opportunity to go ask a colleague. They know people are working from home potentially, so they can't just walk to the next cubicle or walk down the hall, they may have to phone somebody or e-mail them, and they give this urgency around these phishing attacks that the person must respond right away," she said.

Johnson said these attacks are targeting vulnerable places like healthcare organisations, state and local government, and critical infrastructure.

She said enterprises, at times like this, need to have "digital empathy" as employees are working remotely, potentially outside of the company's firewall.

Johnson said organisations should ensure that employees are given necessary tools and education, and that there are lines of communication available in case they face any issue.