Microsoft warns public of COVID-19-related cyberattacks
The company found that among millions of global phishing e-mails, around 60,000 were related to COVID-19, with the senders pretending to come from official organizations such as the World Health Organization.
Microsoft Indonesia president director Haris Izmee said that COVID-19 was being used to trick users into opening malicious e-mails, giving hackers the opportunity to infiltrate networks and obtain private information.
“We found that the threats were largely old attacks that had been altered slightly to be associated with the pandemic. This means attackers use their existing infrastructure, such as phishing and other malware delivery tools and enter the COVID-19 keywords,” he said in a media release on June 26.
Haris suggested that businesses set up multi-layer authentication for their remote workers, activate endpoint protection and introduce digital safety protocols for employees. Employees are also encouraged to learn how to detect phishing messages and install anti-virus tools or software.
With social restrictions in place to prevent the virus from easily spreading, many businesses have instituted work-from-home policies for their workers.
The National Cyber and Encryption Agency (BSSN) previously stated that Indonesia had recorded more than 88 million cyberattacks during the first four months of the year, with March seeing the highest average of daily attacks. More than half of the cyberattacks were Trojan horses, or malware designed to look legitimate, followed by phishing scams and web application attacks.
According to a Microsoft report titled Security Endpoint Threat Report 2019, developing countries, including Indonesia, Sri Lanka, India and Vietnam, were most vulnerable to malware and ransomware threats in 2019.
Indonesia recorded the highest rate of malware attack last year, followed by Sri Lanka and Vietnam. Meanwhile, Vietnam saw the highest rate of ransomware attacks in the Asia-Pacific in 2019.
“Countries with higher piracy rates and lower cybersecurity knowledge are more likely to be affected by cyber threats,” Haris said, adding that software patching, the use of legitimate software and regular updates could reduce the risk of malware and ransomware infections.
Even though the region’s overall cyber threat declined last year, malware and ransomware attacks in the Asia-Pacific were respectively 1.6 times and 1.7 times higher than the global average.
“If you ask me when companies should invest in security, I would say yesterday. Investing in security is like investing in insurance. Sometimes people realize that they need it [only] when there has been an attack. This is the mindset that needs to change," IBM Indonesia president director Tan Wijaya said on June 18.
Besides installing the necessary infrastructure, Tan suggested that companies educate their employees on basic digital safety, such as avoiding emails, website links or downloads from unknown sources.