It has been well documented that cybercriminals are looking to leverage concerns about the COVID-19 pandemic in order to attack potentially vulnerable IT systems. With this landscape constantly changing, it is becoming increasingly important that cybersecurity researchers have enough data to work with in order to more effectively predict and prevent attacks.
It is the reason why Microsoft recently announced that it would be open-sourcing its COVID-19-related threat intelligence data to assist researchers.
“As a security intelligence community, we are stronger when we share information that offers a more complete view of attackers’ shifting techniques. This more complete view enables us all to be more proactive in protecting, detecting, and defending against attacks,” explained Microsoft in a blog post about the announcement.
It is part of the reason why Microsoft has set up a hub for COVID-19-related technology issues, and in particular publishing guidance for how organisations can tackle cybersecurity within their own environments.
“Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, which provides visibility into a broad range of COVID-19-themed attacks, allowing us to detect, protect, and respond to them across our entire security stack,” the firm points out.
“Today, we take our COVID-19 threat intelligence sharing a step further by making some of our own indicators available publicly for those that are not already protected by our solutions. Microsoft Threat Protection (MTP) customers are already protected against the threats identified by these indicators across endpoints with Microsoft Defender Advanced Threat Protection (ATP) and email with Office 365 ATP,” it says.
The company is also making these insights available to those organisations not under its Threat Protection, with it detailing attackers’ shift in techniques, how to spot them, and how to enable custom hunting.
Moving forward, Microsoft says it will be maintaining this feed of threat intelligence throughout the peak of the COVID-19 pandemic.
“This COVID-specific threat intelligence feed represents a start at sharing some of Microsoft’s COVID-related IOCs. We will continue to explore ways to improve the data over the duration of the crisis,” it concludes.[Image – CC 0 Pixabay]