Reuters: Cybercrime tried to break into the World Health Organization (WHO) earlier this month. The objective: steal information on coronavirus
Cybercrime tried to break into the World Health Organization (WHO), according to Reuters. The identity of the hackers was unclear and the effort was unsuccessful, WHO Chief Information Security Officer Flavio Aggio said. However, he warned that hacking attempts against the agency and its partners have soared. Especially as they battle to contain the coronavirus emergency. The attempted break-in was first flagged by Alexander Urbelis, a cyber security expert which tracks suspicious Internet domain registration activity. He picked up on the activity around March 13. This when a group of hackers he had been following activated a malicious site mimicking the WHO’s internal e-mail system. “I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” he said.
The cyber security experts: It could be the work of DarkHotel, which has been conducting cyber espionage operations since at least 2007
Urbelis said he did not know who was responsible. However, two other sources said they suspected DarkHotel. It’s a group of hackers which has been conducting cyber espionage operations since at least 2007. Asked by Reuters about the incident, Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers. “There has been a big increase in targeting of the WHO and other cyber security incidents,” he explained. “There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.” Moreover, the agency published recently an alert, warning that hackers are posing as WHO to steal money and sensitive information from the public.
Any information about cures or tests or vaccines relating to pandemic would be priceless and the priority of any intelligence organization of an affected country
According to cyber security firms Bitdefender and Kaspersky, cybercrime hackers could have targeted information on anti-coronavirus efforts. In fact, many of DarkHotel’s operations have been traced in East Asia. The area has been particularly affected by the COVID-19. Specific targets have included government employees and business executives in China, North Korea, Japan and the US. Any information about cures or tests or vaccines relating to pandemic, in fact, would be priceless and the priority of any intelligence organization of an affected country. However, there is no solid evidence that the threat group is responsible of the attacks.