Skip to main content

Hackers target WHO as coronavirus spreads

(Image credit: Shutterstock)

Along with disrupting business operations across the globe, the coronavirus outbreak has also led to a surge in cyberattacks and earlier this month, a group of elite hackers tried to break into the World Health Organization (WHO).

According to WHO chief information security officer Flavio Aggio, the identity of the hackers behind the attack was unclear and their efforts to infiltrate the organization were unsuccessful. However, he warned that hacking attempts against the agency and its partners have increased significantly during the coronavirus.

Reuters first became aware of the attempted cyberattack against the WHO when cybersecurity expert and attorney, Alexander Urbelis noticed that a group of hackers he had been tracking activated a malicious site impersonating the organization's internal email system.

When the news outlet asked Aggio about the incident, he confirmed that the site Urbelis had discovered had been used to try and steal passwords from multiple agency staffers.

DarkHotel

In a telephone interview with Reuters, Aggio revealed that there had been numerous attempts to compromise the WHO since the coronavirus began, saying:

“There has been a big increase in targeting of the WHO and other cybersecurity incidents. There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

According to two sources briefed on the matter, they suspect that an advanced group of hackers known as DarkHotel, which has been operating since at least 2007, was responsible for the latest cyberattack against the WHO.

The cybersecurity firms Bitdefender and Kaspersky both said that they have traced many of DarkHotel's operations to East Asia. In addition to targeting the WHO, the hacking group has also targeted government employees and business executives in China, North Korea, Japan and the US.

Gaining the credentials of a WHO employee could be quite useful to DarkHotel or other hacking groups, so the chance of additional cyberattacks being launched against the organization remains high.

Via Reuters