US CISA, FBI, and CNMF cybersecurity experts: APT employs common social engineering tactics, spearphishing, and watering hole attacks to exfiltrate information.
Microsoft protects for free healthcare organizations, involved in the coronavirus fight, against cybercrime. The AccountGuard threat notification service will be available at no cost
Microsoft offers free protection to healthcare organizations, human rights and humanitarian organizations around the world against cybercrime. The AccountGuard threat notification service will be available at no cost. The company explained on its blog that is deeply concerned about cyber attacks impacting workers on the front lines of the COVID-19 fight. News reports have shown recent criminal or nation-state attacks targeting Brno University Hospital in the Czech Republic, Paris’ hospital system, the computer systems of Spain’s hospitals, hospitals in Thailand, medical clinics in the U.S. state of Texas, a healthcare agency in the U.S. state of Illinois and even international bodies such as the World Health Organization (EHO). Microsoft cyber security teams have also detected and responded to attacks targeting the healthcare sector in many countries, and know they are coming from criminals and multiple nation-states. In addition, their threat intelligence teams have identified nation-state attacks against human rights organizations around the world for some time, both prior to and during coronavirus9 pandemic.
The cyber security experts: Attacks on healthcare sector have 2 things in common, a person and email
According to the cyber security experts, some attacks, such as the one on Brno University Hospital, have resulted in delays in COVID-19 testing, new patients being turned away and treatments being postponed. Others, such as the attack in Illinois, have held up access to critical coronavirus-related healthcare guidance. Nearly all these attacks have two things in common: a person and email.Cybercrime will often disguise malicious content as a message from a health authority or medical equipment provider. These emails sent to work or home inboxes seek to obtain the person’s credentials and often contain documents or links that will infect a computer and spread the infection through a network, enabling attackers to control it. In some cases, attackers could be looking for COVID-19-related intelligence, or to disrupt the provision of desperately needed care or supplies.
How AccountGuard will protect people involved in COVID-19 fight
Microsoft AccountGuard, which Miscrosoft first offered to political campaigns through our Defending Democracy Program, monitors nation-state threat actors targeting enterprise mailboxes and the personal email accounts of employees or volunteers who opt in. This gives threat intelligence teams a broad view of the avenues attackers typically use. When cyber security experts see such activity targeting an organization enrolled in AccountGuard, they notify them immediately so they can take steps to stop an attack or root out the attacker. AccountGuard has previously been available to political campaigns, parties, members of the U.S. Congress and democracy-focused non-profits. Nearly 100,000 email accounts in 29 countries are enrolled in AccountGuard and the company made 1,450 threat notifications to those participating.