Microsoft extends AccountGuard service to healthcare orgs during COVID-19

The cybersecurity program will be made available to hospitals, clinics, labs, frontline providers, device manufacturers and life sciences companies that are researching treatments.
By Nathan Eddy
01:26 PM

Microsoft has announced the expanded availability of its AccountGuard security service program to help healthcare organizations guard against cyber attacks from nation-states.


The software giant is making AccountGuard available to a number of healthcare providers, including hospitals, care facilities, clinics, labs and clinicians, as well as pharmaceutical, life sciences and medical device companies researching, developing and manufacturing COVID-19-related treatments.

The AccountGuard security service was first offered free to customers in the political space to account for the threats those organizations face, and it is available to organizations using Office 365 for business email.

The service monitors threat actors targeting enterprise mailboxes and the personal email accounts of employees or volunteers who opt in, so providing Microsoft's threat-intelligence teams with an overview of typical attack avenues.

The team can then notify an organization enrolled in AccountGuard so that they can take steps to stop the attack. Microsoft can also provide guidance to help root out the source of the attack.

"In some cases, attackers could be looking for COVID-19-related intelligence, or to disrupt the provision of desperately needed care or supplies," Tom Burt, corporate vice president of customer security and trust, wrote in a blog post announcing the service extension.

The company is also extending availability of the service to human rights organizations, which are helping combat the pandemic through the support of hospitals in conflict zones or helping children who are out of school.

AccountGuard for Healthcare and AccountGuard for Human Rights Organizations will initially be available to organizations in the 29 countries where the service is already on offer. Microsoft said the offer would be made available until the COVID-19 pandemic subsides.

The blog post also noted that AccountGuard extends additional security to the personal accounts of their frontline workers who use Microsoft's consumer email services such as Outlook and Hotmail.

Microsoft has already rolled out a series of services to help bolster security during the outbreak, including advisories on protection from COVID-19-related phishing attacks, and plans to track and prevent cyber threats targeting healthcare organizations.


Cyber attacks continue to mount during the pandemic, from PPE phishing scams, to ransomware, to hospital supply chain risks, with hackers and scammers seizing on the chaos of the coronavirus crisis.

The World Health Organization has reportedly seen attempted cyber attacks double since the onset of the COVID-19 pandemic. A vaccine-testing facility has also been targeted with ransomware.


"Every patient deserves the best possible healthcare treatment, and we all need to thank and applaud the truly heroic work by those risking their own health to help those who are sick. Their work is challenging enough, but is being made more difficult by cyberattacks, now or in the future," said Burt in the Microsoft blog post.

"Some attacks, such as the one on Brno University Hospital, have resulted in delays in COVID-19 testing, new patients being turned away and treatments being postponed. Others, such as the attack in Illinois, have held up access to critical COVID-19-related healthcare guidance."

Nathan Eddy is a healthcare and technology freelancer based in Berlin.
Email the writer:
Twitter: @dropdeaded209


More regional news

A nurse holding a tablet

(Photo by FG Trade/Getty Images)

Macon Community Hospital Lafayette Tennessee RCM

Macon Community Hospital in Lafayette, Tennessee. (Credit: Macon Community Hospital)

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.