who flag

World Health Organization Facing Cyber Attacks During Coronavirus Response

A malicious site imitating the WHO’s email system was created to collect the account information of the organization’s employees.

The World Health Organization is facing a “more than two-fold increase” in cyber attacks amid its efforts to organize a worldwide response to the coronavirus pandemic, according to a Reuters report.

Flavio Aggio, the WHO’s chief information security officer, said that the identity of the “elite” hackers who attempted to break into the organization’s cyber infrastructure is unclear. Their efforts were unsuccessful, Aggio added.

“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio told Reuters. “There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

Cybersecurity expert Alexander Urbelis flagged the attempted attack to Reuters after noticing that a group of hackers had created a malicious site imitating the WHO’s internal email system. The activity began around March 13, Urbelis said.

“I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” Urbelis said.

Read More: As Hospitals, Nursing Homes Battle Coronavirus, Security Companies Offer Assistance With Cybersecurity Attacks

He could not identify who was responsible, but several sources told Reuters that they suspect DarkHotel, a group of advanced hackers, is behind the incident.

Costin Raiu, the head of global research and analysis at cybersecurity firm Kapersky, said that while he could not confirm that DarkHotel was behind the WHO incident, the same type of attack is being used against healthcare organizations in the wake of the coronavirus crisis.

“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,” Raiu told Reuters.

Several cybersecurity firms have been tracking the creation of coronavirus-related websites, finding that a high percentage are malicious and trying to scam consumers out of their money and financial information.

Urbelis said that there are still at least 2,000 new domains registered each day, many of which contain malware or are scamming people: “I’ve never seen anything like this.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

Featured Cybersecurity

Webinars

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3