Indians targeted by 9,100 covid-themed cyber attacks between Feb 2-May 2: Microsoft

New Delhi: Cyber crooks have been taking advantage of the COVID-19 crisis to defraud people using ransomware and phishing attacks on people. More than 9,000 coronavirus-themed attacks were detected in India between February 2 and May 2, a Microsoft executive said.

"Between February 2 and May 2, we saw 9,100 total file encounters related to COVID-19 or coronavirus," Microsoft Corp Corporate Vice President (Cybersecurity Solutions Group) Ann Johnson told reporters on a conference call. “It means our detection tools actually saw malware or URL or an attachment or a phishing email that was using COVID-19 as a lure to get somebody to download malware to the system or potentially to give up their credentials via a phishing attack.”

About 19 million such attacks were noted in Asia, she added.

India was actually one of the countries least affected among those that Microsoft tracks, apart from Australia, she said. “So, India had some pretty good controls in place," she said.

She noted that cybercriminals are taking advantage of the coronavirus outbreak, and are targeting employees with phishing lures and malware.

"That is exacerbated by the fact that workforces are now largely remote and under a lot of stress. They may not have been equipped in their homes to work remotely...we really do believe that technology needs to help our employees, customers, employees and IT professionals to navigate this crisis...We're seeing a lot of different pockets of attacks," she said.

Johnson said some ransomware attacks would start in a department of an organisation, and once cybercriminals see that they can monetise that attack, they move to another department in the organisation to maximise impact.

She said some of these attacks claim things like if the person clicks on the given link, they will be the first of 1,000 people to get the newest coronavirus vaccine.

"So, there's this sense of urgency that the bad actors tried to drive to because they don't want the employees to have the opportunity to go ask a colleague," she said. “They know people are working from home potentially, so they can't just walk to the next cubicle or walk down the hall, they may have to phone somebody or e-mail them, and they give this urgency around these phishing attacks that the person must respond right away.”

Johnson said these attacks are targeting vulnerable places like healthcare organisations, state and local government, and critical infrastructure.

She said enterprises, at times like this, need to have "digital empathy" as employees are working remotely, potentially outside of the company's firewall.

Johnson said organisations should ensure that employees are given necessary tools and education, and that there are lines of communication available in case they face any issue.