Microsoft open-sources Covid-19 threat data for security researchers

Cybercriminals have been taking advantage of the pandemic to launch attacks on both individuals and companies using Covid-19 as a bait. To help deal with this, Microsoft has open-sourced its threat knowledge to help security researchers build protective solutions for users.

Microsoft has said that it already provides a cover against coronavirus-related attacks to all those using Microsoft Threat Protection (MTP) through products like the Microsoft Defender. However, to make this protection more accessible to others, the company is now open-sourcing knowledge for all those who are not covered by MTP. As a part of the announcement, Microsoft has released new indicators that can detect these attacks.

Microsoft has said this indicator list is “built by processing trillions of signals each day across cloud services, applications, and emails” - “Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, which provides visibility into a broad range of Covid-19-themed attacks, allowing us to detect, protect, and respond to them across our entire security stack”.

For enterprise customers using Azure Sentinel, which is a cloud-based security analysis tool, Microsoft is providing a guided notebook that security teams use to protect themselves against attacks. Microsoft is also making the threat data easily available to any company using the Malware Information Sharing Platform (MISP). MISP is an open-source threat intelligence platform.

Recent reports from BitDefender and cybersecurity company Nuspire have indicated that malware and ransomware attacks have increased across the globe significantly over the past three months.