Amid the outbreak of the coronavirus pandemic, the number of cyberattacks on the World Health Organization (WHO) has doubled. Officials and cybersecurity experts warn that the goal of the hackers is to make money on the international concern over the spread of COVID-19.
“Elite hackers” have attempted to break into the World Health Organization in the midst of the coronavirus pandemic, Reuters reported.
According to the report, a break-in attempt was initially flagged by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group that tracks suspicious internet domain activations. The activity was picked up around 13 March, when hackers launched a site mimicking the WHO internal email system.
The spoof site was allegedly used to steal passwords from multiple agency staffers, WHO Chief Information Security Officer Flavio Aggio said.
“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said in a telephone interview with Reuters. “There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”
Urbelis did not say who was responsible for the attack, but Reuters, citing two unnamed sources, said that they suspect an advanced group of hackers named DarkHotel, known for cyber espionage since 2007. Their operations in East Asia – the area most affected by the COVID-19 – have been traced by such cybersecurity companies as Kaspersky and Bitdefender.
However, Costin Raiu, head of global research and analysis at Kaspersky, could not confirm that DarkHotel was responsible for the WHO attack.
Urbelis claimed that about 2,000 suspicious sites appear daily, and noted that many “are obviously malicious”.
Earlier in the month, the Department of Health and Human Services (HHS) in the US reported a hacking attempt. The incident was described by The New York Times as “a particularly aggressive effort to scan the department’s networks for vulnerabilities and to try to break into its email system”.