Hackers are using this
time of national crisis to get their thrills
Reuters is reporting that elite hackers tried to break into
the World Health Organization earlier this month. Since the outbreak of the
Coronavirus, there has been more than a two-fold increase in cyberattacks.
Flavio Aggio, WHO Chief Information Security Officer,
stated that the identity of the hackers was unclear and that their effort was
A cybersecurity expert and attorney with the New York based
Blackstone Law Group, Alexander Urbelis, was the expert that noticed the
attempted break-in at the WHO. The Blackstone Law Group tracks suspicious
internet domain registration activity.
Urbelis picked up on the activity of the hackers around
March 13, 2020, when a group of hackers he’d been following activated a
malicious site which mimicked the WHO’s internal email system.
He states, “I realized quite quickly that this was a live
attack on the World Health Organization in the midst of a pandemic.”
While Urbelis has stated he doesn’t know who is
responsible, two other Reuters sources briefed on the matter staid that they
suspect an advanced group of hackers known as DarkHotel. DarkHotel has been
conducting cyber-espionage operations since at least 2007.
When Reuters contacted the WHO, Flavio Aggio confirmed that
the site spotted by Urbelis had been used in an attempt to steal passwords from
multiple agency staffers.
“There has been a big increase in targeting of the WHO and
other cybersecurity incidents,” Aggio said in a telephone interview with
Reuters. “There are no hard numbers, but
such compromise attempts against us and the use of (WHO) impersonations to
target others have more than doubled.”
The WHO published an alert last month warning that hackers
are posing at the agency in order to steal money and sensitive information from
Many cybersecurity firms, including Romania’s Bitdefender
and Moscow-based Kaspersky have said they have traced many of DarkHotel’s
operations to East Asia. Specific targets of the group have included employees
and business executives in many countries, including China, North Korea, Japan,
and the United States.
Costin Raiu of Kasersky could not confirm that DarkHotel
was responsible for the WHO attack, but said the same malicious web
infrastructure had also been used to target other healthcare and humanitarian
organizations in recent weeks.
Officials and cybersecurity experts have warned that
hackers of all kinds are seeking to capitalize on international concern over
the spread of the coronavirus.
Urbelis stated that he has tracked thousands of
coronavirus-themed websites being set up daily. Many of those sites are
“It’s still around 2,000 a day,” Urbelis said. “I have
never seen anything like this.”
As always, if
we can be of help with your network or computer, give us a call here at RHYNO
Networks. (855) 749-6648