The World Health Organization has been under a lot of pressure in the last two months, not only due to the COVID-19 outbreak but also because of constant attacks on the digital front.
The coronavirus pandemic is still at full strength in most of the world’s countries. This is the time when the World Health Organization (WHO) needs to be as focused on battling the virus as possible. Unfortunately, this is a difficult thing to do as the organization is being constantly bombarded with attacks from hackers and scammers.
WHO Battles on Many Fronts
The number of cyber-attacks has seen a sharp rise since mid-March. This was also confirmed by Chief Information Officer, Bernardo Mariano. Mariano stressed that the WHO itself was not hacked, however, many of its officials were targeted.
Not only that, but hackers conducted phishing attacks against the organization’s employees. Websites like 4chan and Twitter even shared some login credentials allegedly belonging to WHO employees.
However, Mariano claims that these credentials come from previous breaches. He said that the hackers “are looking for the highest targets — the key officials involved with the COVID-19 work.”
Mariano also noted that,
“The cybersecurity team has never been busier, and we’ve had to increase resources to try to protect ourselves and be vigilant.”
Of course, while the WHO was not actually infiltrated as of yet, there have been plenty of attempts to do so. So far, the organization received as many as eight security alerts from various cybersecurity authorities. Before the pandemic, it barely had one per month.
Hacking groups like DarkHotel had plenty of activities in East Asia as well, targeting countries such as North Korea, Japan, and China. Similar attacks also hit plenty of other areas that were struck particularly hard by the coronavirus, such as Wuhan itself, where the virus supposedly originated from.
Similar problems emerged in Singapore in late January. Back then, the Singapore Computer Emergency Response Team issued an alert to warn internet users of a scam that was targeting the country’s citizens. All that the hackers needed was for the unsuspecting users to open a malicious email with a coronavirus-related subject line.
A Malicious Trend
Chief Information Security Officer at WHO, Flavio Aggio, said that the attacks remain unsuccessful, although the identity of the hackers also remains unclear. The first major attack came on March 13, which was flagged by Blackstone Law Group’s Alexander Urbelis. He investigated suspicious activity only to realize that it was an attack on the WHO.
Some sources believe that the hacking group called DarkHotel is responsible. This group has been conducting cyber-espionage operations for at least 13 years now.
The WHO then published an alert, explaining that the hackers might end up breaching its defenses, eventually. This could happen, and the public could start receiving unusual messages from the WHO. If it does, it should be aware of the possibility that the hackers were successful and are now after money and sensitive data.
There are also plenty of fake, coronavirus-themed websites that are clearly malicious. Bad actors are setting them up at an incredible speed, launching around 2,000 every day, according to Urbelis.