Microsoft’s AccountGuard is now free for healthcare providers

15 Apr 2020

Image: © auremar/

In response to the growing number of cyberattacks on hospitals and clinics, Microsoft is now offering its AccountGuard anti-phishing service to healthcare providers for free.

On Tuesday (14 April), Microsoft announced that its AccountGuard security service would be made free to healthcare providers until the Covid-19 pandemic subsides. Microsoft currently only provides the anti-phishing service to a small number of users.

In a blogpost, Tom Burt, Microsoft’s corporate vice-president of customer security and trust, acknowledged that there is a growing concern about cyberattacks impacting frontline healthcare workers and facilities.

Future Human

Burt pointed to recent criminal and nation-state attacks targeting healthcare facilities in Paris, the Czech Republic, Spain, Thailand and the US. In late March, the World Health Organization reported that cyberattacks targeting the body have doubled in recent months as attackers take advantage of the Covid-19 crisis.


In response, Microsoft said that its AccountGuard threat notification service will be available at no cost to healthcare providers dealing with the spread of Covid-19.

It said the offer is open to hospitals, care facilities, clinics, labs, pharmaceutical, life sciences and medical device companies that are researching, developing and manufacturing Covid-19-related treatments, as well as human rights and humanitarian organisations around the world.

AccountGuard was first offered to political campaigns in 2018 as part of Microsoft’s Defending Democracy programme. The service was set up to monitor nation-state threat actors targeting enterprise and personal email accounts of employees and volunteers who opted into the service.

‘Our teams at Microsoft have detected and responded to attacks targeting the healthcare sector in many countries, and we know they are coming from criminals and multiple nation states’

The threat notification service is available to organisations using Office 365 for business email and extends additional security to the personal accounts of workers who use Microsoft’s consumer email services, such as Outlook and Hotmail.

With the platform, Microsoft’s threat intelligence team immediately notifies users about threats so that they can take steps to stop an attack. The company said that Amnesty International, CyberPeace Institute, Freedom House, Human Rights Watch and Physicians for Human Rights are among the humanitarian organisations that have already registered for AccountGuard during this period.

Burt wrote: “Our teams at Microsoft have detected and responded to attacks targeting the healthcare sector in many countries, and we know they are coming from criminals and multiple nation states.

“In addition, our threat intelligence teams have identified nation-state attacks against human rights organisations around the world for some time, both prior to and during the Covid-19 pandemic.”

Preventing cyberattacks

Burt added that “every patient deserves the best possible healthcare treatment” and that providing care to patients is “challenging enough but is being made more difficult by cyberattacks”.

He noted that a cyberattack on Brno University Hospital in the Czech Republic resulted in delays in Covid-19 testing, as well as patients being turned away and treatments being postponed. Burt said that a common factor in “nearly all” of these attacks is a person and an email.

“An attacker will often disguise malicious content as a message from a health authority or medical equipment provider,” he wrote. “These emails sent to work or home inboxes seek to obtain the person’s credentials and often contain documents or links that will infect a computer and spread the infection through a network, enabling attackers to control it.”

Burt concluded that it is important to take steps to ensure that you trust the sender of an email before you open it, whether you are a healthcare worker or not. Microsoft recently published advice on how the general public can protect themselves from Covid-19 phishing attacks, which can be read here.

Kelly Earley was a journalist with Silicon Republic