World Health Organization Sees Dramatic Uptick in Cyber Attacks -- Security Today

World Health Organization Sees Dramatic Uptick in Cyber Attacks

Nearly 450 active email addresses and passwords used by WHO staff have been leaked online, and the public has received email scams from people posing as staff.

By Ralph C. Jensen
Apr 24, 2020

Ever since the start of the COVID-19 attacks, the World Health Organization (WHO) has seen a dramatic uptick in the number of cyber attacks affecting its staff, as well as email scams targeting the public.

Nearly 450 active WHO email addresses and passwords have been leaked online, according to the organization. Thousands of those email addresses belong to others working on the novel coronavirus response.

The WHO system was not put at risk, because the leaked credentials and data was not recent information. An older extranet system was impacted, which is used by current and retired staff. WHO partners were also impacted. WHO staff is now migrating affected systems to a more secure authentication system.

The scammers were impersonating WHO in emails, and have increasingly targeted the general public as a means to channel donations to a fictitious fund and not the organization’s COVID-19 Solidary Response Fund. The current number of cyber attacks is five times more than the number directed at WHO last year.

“Ensuring the security of health information for member states and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from member states and the private sector. We are all in this fight together,” said Bernardo Mariano, WHO’s chief information officer.

WHO is working with the private sector to establish more robust internal systems and to strengthen security measures and is educating staff on cybersecurity risks.

“Organizations such as WHO will be targets because they are very visible to the current crisis and will be taking in large numbers of new, global contact details as they bring everyone together to work toward a solution,” said Laurence Pitt, cybersecurity marketing and strategy director at Juniper Networks.

Pitt added: “For an attacker, the theft of email addresses from WHO is valuable because they would expect for the list to contain up-to-date and relevant details that can be leveraged in the generation of scams and phishing campaigns. But migration of affected systems after an attack is a response, not a solution. Any organization dealing with current, relevant personal details should be reviewing data security and looking to airgap, encrypt or add additional security, in order to prevent a breach from occurring in the first place.”

Asking the public to remain vigilant, WHO staff warn against fraudulent emails. They also recommend the use of reliable sources to obtain factual information about COVID-19 and other health issues.

About the Author

Ralph C. Jensen is the Publisher/Editor in chief of Security Today magazine.

Amerant Bank Selects Omnilert AI Technology for Enhanced Video Surveillance Security
05/02/2025
Minnesota County Is Still Reaping Huge Benefits from ASAP Service
05/01/2025
Winsted Unveils Pinnacle Collection with Sliding Worksurface
04/30/2025
Everon Awarded Sourcewell Cooperative Purchasing Contract
04/30/2025
Honeywell Signs Global Distribution Agreement With Milestone Systems
04/28/2025
DSI Security Services Announces Leadership Reorganization and Strategic Growth Initiatives
04/21/2025
Everon Appoints Enterprise Security Veterans to Top Sales Leadership Roles
04/17/2025
Reconeyez Appoints Peter Young as New CEO to Lead Next Phase of Growth
04/16/2025

Featured

Verizon’s 2025 Data Breach Investigations Report Notes Alarming Cyberattack Surge Through Third Parties

Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), which reveals a significant increase in cyberattacks. The report found that third-party involvement in breaches has doubled to 30%, and exploitation of vulnerabilities has surged by 34%, creating a concerning threat landscape for businesses globally. Read Now
- Cybersecurity
Net2 Access Control Increases Reliability at Residential Complex

Encore Atlantic Shores is a residential complex of 240 luxurious townhomes for ages 55 and over in Eastport, New York. Completed in 2011, the site boasts an 11,800 square foot clubhouse, with amenities such as a fitness center, heated indoor pool, whirlpool spa, multi-purpose ballroom, cardroom and clubroom with billiards, tennis courts and an outdoor putting green. Read Now
- Access Control
Security Today Announces The Govies Government Security Award Winners for 2025

Security Today is pleased to announce the 2025 winners in The Govies Government Security Awards. The awards honor outstanding government security products in a variety of categories. Read Now
- Government
Survey: 60 Percent of Organizations Using AI in IT Infrastructure

Netwrix, a cybersecurity provider focused on data and identity threats, today announced the release of its annual global 2025 Cybersecurity Trends Report based on a global survey of 2,150 IT and security professionals from 121 countries. It reveals that 60% of organizations are already using artificial intelligence (AI) in their IT infrastructure and 30% are considering implementing AI. Read Now
- Cybersecurity
New Research Reveals Global Video Surveillance Industry Perspectives on AI

Axis Communications, the global industry leader in video surveillance, has released its latest research report, ‘The State of AI in Video Surveillance,’ which explores global industry perspectives on the use of AI in the security industry and beyond. The report reveals current attitudes on AI technologies thanks to in-depth interviews with AI experts from Axis’ global network and a comprehensive survey of more than 5,800 respondents, including distributors, channel partners, and end customers across 68 countries. The resulting insights cover AI integration and the opportunities and challenges that exist with regard to security, safety, business intelligence, and operational efficiency. Read Now
- Artificial Intelligence

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
AC Nio

Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.