News

Hackers target WHO as coronavirus spread surges

Attacks on the organisation have dramatically increased since a pandemic was declared

24 Mar 2020

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 24 Mar 2020

WHO logo

The World Health Organisation (WHO) revealed it had been the target of an unsuccessful hacking attempt that occurred at the start of March, as the coronavirus went from outbreak to pandemic.

The organisation's CISO, Flavia Aggio, told Reuters that it wasn't clear who had attempted to breach the WHO's security, but hacking attempts against the agency and its partners have doubled since the outbreak.

This latest attempt was first spotted by Alexander Urbelis, a cyber security expert and attorney with New York-based Blackstone Law Group. Urbeils had been following a group of hackers and spotted a malicious site mimicking the WHO's internal email system around 13 March.

Urbelis couldn't confirm who was behind the attack, but another unnamed source told Reuters they suspected an elite group known as DarkHotel.

There is very little detail on DarkHotel, but according to Securelist it's been operating since at least 2007 and has an alarming success rate with phishing campaigns.

The timing of this latest attack could not come at a worse time for the WHO, as COVID-19 spreads around the world, but this is just one of a number of attempts to breach its security.

"Criminals are disguising themselves as WHO to steal money or sensitive information," the organisation wrote in a blog post. "If you are contacted by a person or organisation that appears to be from WHO, verify their authenticity before responding.

"The only call for donations WHO has issued is the COVID-19 Solidarity Response Fund, which is linked to below. Any other appeal for funding or donations that appears to be from WHO is a scam."

Despite the global pandemic, cyber criminals are showing no ethical boundaries and will continue to attack wherever there could be a vulnerability, according to cyber security expert Jake Moore.

"What the cyber security industry needs to do now is come together and support each other," he said. "There is no better time to work collaboratively and share best practice. If the WHO is taken down, this pandemic could last longer than it needs to, so it is vital to help protect this organisation from attack."

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638974102/itpro/Whitepaper%20covers/Diligent_Modern_Governance_cover.png { display: none !important; }

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1622545081/itpro/Whitepaper%20covers/Cloud_Op_Excellence.jpg { display: none !important; }

Watch now

A buyer’s guide to board management software

Improve your board’s performance

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638982070/itpro/Whitepaper%20covers/board_management_software_thumb.png { display: none !important; }

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638972797/itpro/Whitepaper%20covers/content_syndication_story_idc_business_brief_adw__1_.jpg { display: none !important; }

Download now