Jeremy Herold

Coronavirus Cyberattacks Spike as Hackers Target WHO

No Comments

Hackers are using this time of national crisis to get their thrills

Reuters is reporting that elite hackers tried to break into the World Health Organization earlier this month. Since the outbreak of the Coronavirus, there has been more than a two-fold increase in cyberattacks.

Flavio Aggio, WHO Chief Information Security Officer, stated that the identity of the hackers was unclear and that their effort was unsuccessful.

A cybersecurity expert and attorney with the New York based Blackstone Law Group, Alexander Urbelis, was the expert that noticed the attempted break-in at the WHO. The Blackstone Law Group tracks suspicious internet domain registration activity.

Urbelis picked up on the activity of the hackers around March 13, 2020, when a group of hackers he’d been following activated a malicious site which mimicked the WHO’s internal email system.

He states, “I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”

While Urbelis has stated he doesn’t know who is responsible, two other Reuters sources briefed on the matter staid that they suspect an advanced group of hackers known as DarkHotel. DarkHotel has been conducting cyber-espionage operations since at least 2007.

When Reuters contacted the WHO, Flavio Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers.

“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said in a telephone interview with Reuters.  “There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

The WHO published an alert last month warning that hackers are posing at the agency in order to steal money and sensitive information from the public.

Many cybersecurity firms, including Romania’s Bitdefender and Moscow-based Kaspersky have said they have traced many of DarkHotel’s operations to East Asia. Specific targets of the group have included employees and business executives in many countries, including China, North Korea, Japan, and the United States.

Costin Raiu of Kasersky could not confirm that DarkHotel was responsible for the WHO attack, but said the same malicious web infrastructure had also been used to target other healthcare and humanitarian organizations in recent weeks.

Officials and cybersecurity experts have warned that hackers of all kinds are seeking to capitalize on international concern over the spread of the coronavirus.

Urbelis stated that he has tracked thousands of coronavirus-themed websites being set up daily. Many of those sites are obviously malicious.

“It’s still around 2,000 a day,” Urbelis said. “I have never seen anything like this.”

As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648

Subscribe to our newsletter!

More from our blog

See all posts
No Comments
Jeremy Herold information