who flag

World Health Organization Sees Dramatic Uptick in Cyber Attacks

Nearly 450 active email addresses and passwords used by WHO staff have been leaked online, and the public has received email scams from people posing as staff.

Ever since the start of the COVID-19 attacks, the World Health Organization (WHO) has seen a dramatic uptick in the number of cyber attacks affecting its staff, as well as email scams targeting the public.

Nearly 450 active WHO email addresses and passwords have been leaked online, according to the organization. Thousands of those email addresses belong to others working on the novel coronavirus response.

The WHO system was not put at risk, because the leaked credentials and data was not recent information. An older extranet system was impacted, which is used by current and retired staff. WHO partners were also impacted. WHO staff is now migrating affected systems to a more secure authentication system.

The scammers were impersonating WHO in emails, and have increasingly targeted the general public as a means to channel donations to a fictitious fund and not the organization’s COVID-19 Solidary Response Fund. The current number of cyber attacks is five times more than the number directed at WHO last year.

“Ensuring the security of health information for member states and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from member states and the private sector. We are all in this fight together,” said Bernardo Mariano, WHO’s chief information officer.

WHO is working with the private sector to establish more robust internal systems and to strengthen security measures and is educating staff on cybersecurity risks.

“Organizations such as WHO will be targets because they are very visible to the current crisis and will be taking in large numbers of new, global contact details as they bring everyone together to work toward a solution,” said Laurence Pitt, cybersecurity marketing and strategy director at Juniper Networks.

Pitt added: “For an attacker, the theft of email addresses from WHO is valuable because they would expect for the list to contain up-to-date and relevant details that can be leveraged in the generation of scams and phishing campaigns. But migration of affected systems after an attack is a response, not a solution. Any organization dealing with current, relevant personal details should be reviewing data security and looking to airgap, encrypt or add additional security, in order to prevent a breach from occurring in the first place.”

Asking the public to remain vigilant, WHO staff warn against fraudulent emails. They also recommend the use of reliable sources to obtain factual information about COVID-19 and other health issues.

About the Author

Ralph C. Jensen is the Publisher of Security Today magazine.

Featured

  • Using Modern Technology

    Using Modern Technology

    Workplace violence is a serious and growing challenge for many organizations — including those in the healthcare industry. Read Now

  • The Core Value Proposition

    The Core Value Proposition

    Machine and deep learning algorithms are everywhere in our lives. Masquerading as AI, they are only in their infancy. Have a conversation with a ChatGPT chatbot, and it becomes clear just how far we have come in a short time and how far we have to go. Read Now

  • Progressing in Capabilities

    Progressing in Capabilities

    Hazardous areas within industries like oil and gas, manufacturing, agriculture and the like, have long-sought reliable video surveillance cameras and equipment that can operate safely in these harsh and unpredictable environments. Read Now

  • A Comprehensive Nationwide Solution

    A Comprehensive Nationwide Solution

    Across the United States, manufacturing facilities, distribution centers, truck yards, parking lots and car dealerships all have a common concern. They are targets for catalytic converters. In nearly every region, cases of catalytic converter thefts have skyrocketed. Read Now

Featured Cybersecurity

New Products

  • Paxton10 CORE Cameras

    Paxton10 CORE Cameras

    The new CORE Series cameras feature edge processing for ultimate scalability, built-in edge storage, and plug-and-play installation. The addition of the CORE Series gives installers new hardware, better choice, and more value than ever before. 3

  • Genetec Security Center

    Genetec Security Center

    This major new release allows more system components to run in the cloud, reducing the gap between cloud and on-premises security systems. It also makes it easier to connect external systems and tap external data for use in dashboards, maps and investigations without relying on complex, specialized integrations. 3

  • PDK IO Access Control Software

    PDK.IO Access Control Software

    ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3