Cyber threats are becoming more sophisticated, finds Microsoft

Cyber threats are becoming more sophisticated, finds Microsoft

Criminals imitate trusted Covid-19 sources like the WHO to trick their victims

Elly Yates-Roberts |

Cyber threats are becoming more sophisticated, according to Microsoft’s latest Digital Defense Report. As the Covid-19 pandemic has worsened, criminals have started to imitate trusted sources like the World Health Organization to trick their victims into clicking on malicious links.

The report analysed trillions of threat signals and identified cybersecurity threats and trends from the past year, informed by telemetry from over 1.2 billion PCs, servers and internet of things devices that access Microsoft services, as well as data from 630 billion authentication events, 470 billion emails and over 18 million URLs.

Microsoft found that threat actors have started to use techniques that make them harder to spot, with China, Russia and the US being hit the hardest. 

“Cyberattacks are evolving every day,” said Mary Jo Schrade, assistant general counsel of Microsoft’s Asian Digital Crimes Unit. “As the Digital Defense Report notes, cybercriminals are opportunistic and have capitalised on interest and fear related to the Covid-19 pandemic and other disruptive events. They have expanded the way they leverage computers that are infected with malware, adding modules or changing the nature of the attacks for which they leverage them.

“They have also focused on targeting their ransomware activities toward entities that cannot afford to be offline or without access to records during critical periods of the pandemic, like hospitals and medical research institutions. Concerted efforts from organisations, governments and businesses are key to addressing these wide-ranging online threats.”

The report also noted that the increased numbers of people working from home have made it harder to enforce traditional security protocols. 

“Organisations should adopt stronger cyber hygiene practices and tools to safeguard employees and infrastructure,” said Schrade. “These include adopting multi-factor authentication, using good email hygiene (including limiting or disabling auto-forwarding of emails), timely patching and updating of apps and software, and putting in place network segmentation to keep cybercriminals from easily accessing the entire network if they do gain access.”

To find out more, download the full Digital Defense Report.

Subscribe to the Technology Record newsletter

  • ©2024 Tudor Rose. All Rights Reserved. Technology Record is published by Tudor Rose with the support and guidance of Microsoft.