Earlier this month, elite hackers tried to break into the World Health Organization (WHO), which is facing more than two-fold increase in cyberattacks since the coronavirus pandemic began, reports Reuters. According to WHO Chief Information Security Officer Flavio Aggio, the identity of the hackers was unclear, but the effort was unsuccessful. The number of hacking attempts against the agency and its partners has increased amid the coronavirus outbreak, added Flavio. Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, which tracks doubtful Internet domain registration activity, tipped off the attempted break-in at the WHO to Reuters. “I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” said Urbelis who detected the suspicious activity on March 13 when hackers he had been tracking began mimicking the WHO and its internal email system. While Urbelis said the identity of the hackers is unknown, other sources told Reuters that they suspected an elite hacking group called DarkHotel, a group that has been around since 2007, behind the attack. In the past, this hacking group has targeted officials and business in the U.S., China, Japan and North Korea. Aggio confirmed that Urbelis’ observations were correct and the site spotted by him had been used in an attempt to steal passwords from WHO workers. “There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said. “There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.” Aggio declined to say who precisely at the organisation the hackers had in their sights, but added that they are being regularly targeted by digital espionage campaigns amid coronavirus outbreak. Not just WHO, even other healthcare and humanitarian organisations have been targeted during the coronavirus pandemic in recent weeks. For instance, earlier this month, the Department of Health and Human Services (HHS) was targeted in a separate cyberattack. Last month, the WHO had released a warning on cyberattacks stating that criminals are disguising themselves as WHO to steal money or sensitive information. They are making use of email, websites, phone calls, text messages, and even fax messages for their scams. The warning said that if you are contacted by a person or organization that appears to be from WHO, you need to verify their authenticity before responding. It also added that the WHO will:
never ask for your username or password to access safety information never email attachments you didn’t ask for never ask you to visit a link outside of www.who.int never charge money to apply for a job, register for a conference, or reserve a hotel never conduct lotteries or offer prizes, grants, certificates or funding through email. You can also verify if communication is legit by visiting any one of the following links: Contact WHO Report a scam
According to Urbelis, thousands of coronavirus-themed websites are being set up daily, mostly malicious. “It’s still around 2,000 a day,” he said. “I have never seen anything like this.”