- A rise in cyberattacks has been noticed targeting WHO
- Other intelligence agencies that are vulnerable right now to fall for any sort of COVID-19 related information are also at threat
- A fake WHO email service set up to lure work-from-home staff
- A sharp rise in Coronavirus related domain registrations has been noticed worldwide
- DarkHotel hacking group is likely behind this WHO attack
While the World Health Organisation is working day and night to get a breakthrough on the worldwide pandemic caused by the novel Coronavirus, hackers are trying to get a breakthrough on the WHO itself.
Recently, the United Nations agency has reported more than 200% rise in the cyberattacks on it. DarkHotel, a cyber espionage group active since 2007 is suspected to be behind these attacks.
WHO had also warned people about several hackers trying to impersonate the agency to gain sensitive information like passwords from WHO staff and to illegally gain money in the name of donations from the public.
WHO’s Chief Information Security Officer, Flavio Aggio, said the identity of the hackers was unclear and the effort was unsuccessful.
But he warned that regular hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus, which has killed thousands of people worldwide.
This news comes as no surprise to those who are familiar with cyber hacking patterns.
In terms of crisis, when a large group of people are the most vulnerable to certain kind of information, hackers try to infiltrate and lure their victims by impersonating as providers of credible information sources.
In the current COVID-19 crisis, the world is desperate for any kind of information that can help them stay safe and alert about the pandemic.
The only way for organisations as well as netizens to stay cyber safe is to use their own discretion while accessing and downloading information.
How hackers are targeting the World Health Organisation?
The Chief Information Security Officer at WHO, Flavio Aggio, reported that there has been a considerable increase in the cyberattacks against not just the WHO, but its partner agencies as well.
All this is being done while the UN agencies battle to fight the deadly Coronavirus from the world and their staff is ordered to work remotely.
The fact that all the targeted members are dispersed and working from their homes, by connecting online with each other, is why this cyber espionage could prove more deadly than it sounds.
The scope of successful penetration by the hackers increases with the increased dependence on digital means of communication and desperate need of information.
- A cybersecurity expert, Alexander Urbelis, had highlighted a hacking attempt at the WHO while he was keeping an eye on malicious domains.
- In mid March, he noticed that a group of hackers he had been tailing were impersonating the WHO email service in order to fool people and staff working from home to reveal their passwords and other sensitive information. All emails that were sent to the hackers on the fake email channel were unreturned.
- More than 2000 web sites related to coronavirus are being registered every day, (clearly a never-seen-before spike, just like the virus). Not to mention, that most of these domains are fake and malicious.
- Earlier in March, hackers were also found to be directly targeting WHO, however, they remained unsuccessful.
- Hackers are also trying to disguise themselves as WHO and steal money from innocent people in the name of fraudulent donations.
WHO had also warned people recently urging them to be extra aware of any fishy communication that claims to be from WHO.
Who is hacking WHO?
According to official sources, the real identity of hackers behind this sinister cyber espionage remains uncertain.
However, government officials in the United States, Britain and other nations have already issued public warnings for their work-from-home staff, alerting them about the cyber threats in the current vulnerable times.
Even the identity of the targeted officials at WHO is unclear at the moment.
But it is being deduced that DarkHotel, a cyber espionage group that has been active since at least 2007, is behind this operation.
Researchers have evidence to believe that the web infrastructure used by DarkHotel has also been used to infiltrate other healthcare and humanitarian organisations very recently.
According to cybersecurity sources, operations of DarkHotel group have been traced to East Asia and their targets have been traced to government staff and corporate executives in China, Japan, North Korea and the US.
“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country,” says Costin Raiu, head of global research and analysis at Kaspersky.
How to stay safe from malicious hackers during the COVID-19 pandemic
Users are advised to:
- Trust only legible sources of information
- If at doubt, contact WHO or the particular agency regarding the authenticity of the content or service
- Refrain from downloading apps and opening email attachments regarding COVID-19 as they could be malicious
- Check fact checking information regarding any news that you see online
- Do a quick Google search about the app or website before you
- You can also learn how to spot phishing emails here
What do you think about this news? Share your opinions and thoughts with us in the comments below.
Maintain cybersecurity hygiene while you also maintain physical hygiene.
Stay tuned, stay safe.