WHO officials targeted with spear-phishing attacks in early March

WHO officials targeted with spear-phishing attacks in early March

world health organisation

A group of hackers tried to break into the World Health organisation’s system earlier this month to steal email credentials when the organisation was busy with handling the COVID-19 outbreak.

Flavio Aggio, the Chief Information Security Officer of WHO, has confirmed that the spear-phishing campaign, which took place when the organisation was preoccupied with the pandemic, was unsuccessful.

Alexander Urbelis, a cybersecurity expert and attorney with the Blackstone Law Group, told Reuters, that he observed “a live attack on the World Health Organization in the midst of a pandemic” that involved hackers activating questionable internet domains.

Urbelis said he identified suspicious activity around March 13, when the group of hackers he was following for months activated a malicious site identical to the WHO’s own email system. While he could not confirm the responsible party for this attack, other sources are doubting that it could be the work of an advanced group of hackers known as DarkHotel, which has been in operation since 2007.

WHO’s CISO Aggio told Reuters that the site that the hackers used was in an attempt to steal passwords of employees. “There has been a big increase in targeting of the WHO and other cybersecurity incidents. There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled,” he said.

Hackers are regularly targeting WHO to obtain information about cures, tests, and vaccines

Costin Raiu, head of global research and analysis at Kaspersky, also told Reuters that he could not confirm if DarkHotel was behind the cyber attack, but he has seen such malicious web infrastructure used to target other healthcare and humanitarian organisations in recent weeks. “At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country,” he said.

Last month, WHO published an awareness post on their website informing people that hackers are posing as the agency to steal money and sensitive information from the public. In the awareness post, WHO confirmed that they will not ask for username or password to access safety information, send unsolicited email attachments, visit a link outside of www.who.int.

They have also stated that they do not charge for jobs, register for a conference, or reserve a hotel and never conduct lotteries or offer prizes, grants, certificates or funding through emails.

ALSO READ: Organisations are improving their password security, but not enough

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]