Hackers Target WHO as Coronavirus Cyber Attacks Raise

Hackers have tried to break into the World Health Organization (WHO) in previous month, sources have told Reuters, amid what a senior agency official said was a more than two-fold increase in cyber attacks.

Flavio Aggio (WHO Chief Information Security Officer) said:

The identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as they battle to contain the corona virus, which has killed more than 16,000 people worldwide.

The attempted break-in at the WHO was first flagged to Reuters by Alexander Urbelis who is a cyber security expert and lawyer with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity.

Image result for hackers target who coronavirus

Alexander Urbelis (Cyber Security Expert and Lawyer) said:

“I realised quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”

“He did not know who was responsible, but two other sources briefed on the matter said they suspected a group of hackers known as DarkHotel, which has been conducting cyber-espionage operations since at least 2007.”

Messages sent to email addresses maintained by the hackers went unreturned.

When asked by Reuters about the incident, the WHO’s Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers.

Flavio Aggio said:

“There has been a big increase in targeting of the WHO and other cybersecurity incidents.”

“There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

Aljazeera post said that, Attacks against the WHO and attempts to impersonate the organisation have soared amid concern over the spread of the coronavirus [File: Issouf Sanogo/AFP]

Cybersecurity firms including Romania’s Bitdefender and Moscow-based Kaspersky said they have traced many of DarkHotel’s operations to East Asia – an area that has been particularly affected by the coronavirus.

Costin Raiu (Head of Global Research and Analysis at Kaspersky) said:

He could not confirm that DarkHotel was responsible for the WHO attack but said the same malicious web infrastructure had also been used to target other healthcare and humanitarian organisations in recent weeks.

“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country.”

He tracked thousands of coronavirus-themed web sites being set up daily, many of them malicious.

“It’s still around 2,000 a day,  and I have never seen anything like this.”

Officials and cybersecurity experts have warned that hackers of all stripes are seeking to capitalise on international concern over the spread of the coronavirus.