This article was published on May 15, 2020

Microsoft open-sources its coronavirus threat data for security researchers


Microsoft open-sources its coronavirus threat data for security researchers Image by: Pixabay / Efes Kitap

For the last couple of months, cybercriminals have taken advantage of the coronavirus pandemic to launch a series of attacks on individuals and companies, with a COVID-19 angle. In order to fight these threats, Microsoft has open-sourced its threat knowledge to help the security community build protective solutions for users.

The company said it already provides a cover against coronavirus-themed attacks to customers using Microsoft Threat Protection (MTP) through products like Microsoft Defender. However, now it’s open-sourcing knowledge for people who might not be protected by MTP. As a part of the announcement, Microsoft has released new indicators to detect these attacks.

For its enterprise customers using Azure Sentinel, a cloud-based security analysis tool for companies, the Seattle-based firm has provided a guided notebook that security teams use to protect themselves against attacks. Microsoft is also making the threat data easily available to any company using the Malware Information Sharing Platform (MISP), an open-source threat intelligence platform. 

The company said this indicator list is built by processing trillions of signals each day across cloud services, applications, and emails:

Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, which provides visibility into a broad range of COVID-19-themed attacks, allowing us to detect, protect, and respond to them across our entire security stack.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

A recent report by BitDefender suggests malware and ransomware cyberattacks in the healthcare sector have increased significantly in the past three months as compared to the last year.

Credit: BitDefender
ransomware and cyberattacks on healthcare spiked during the pandemic

In another report, cybersecurity company Nuspire said phishing attacks have increased by 171% in the last three months. A lot of these incidents suggest that cybercriminals are designing threats around COVID-19 testing, maps, government notifications, and stimulus packages.

Hopefully, Microsoft’s data will help security researchers build solutions that can thwart coronavirus-related attacks in an efficient manner.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with