Hackers target WHO with more cyberattacks
DarkHotel hacking group is believed to be responsible for an unsuccessful attack against the WHO
Along with disrupting business operations across the globe, the coronavirus outbreak has also led to a surge in cyberattacks and earlier this month, a group of elite hackers tried to break into the World Health Organization (WHO).
According to WHO chief information security officer Flavio Aggio, the identity of the hackers behind the attack was unclear and their efforts to infiltrate the organization were unsuccessful. However, he warned that hacking attempts against the agency and its partners have increased significantly during the coronavirus crisis.
The attacks were first uncovered by cybersecurity expert and attorney Alexander Urbelis noticed that a group of hackers he had been tracking activated a malicious site impersonating the organization's internal email system.
- Beware these new coronavirus email scams
- Facebook offers WHO free ad space to combat coronavirus
- Hackers are spreading malware through coronavirus maps
When Reuters asked Aggio about the incident, he confirmed that the site Urbelis had discovered had been used to try and steal passwords from multiple agency staffers.
DarkHotel
In a telephone interview, Aggio revealed that there had been numerous attempts to compromise the WHO since the coronavirus began, saying:
“There has been a big increase in targeting of the WHO and other cybersecurity incidents. There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”
According to two sources briefed on the matter, they suspect that an advanced group of hackers known as DarkHotel, which has been operating since at least 2007, was responsible for the latest cyberattack against the WHO.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The cybersecurity firms Bitdefender and Kaspersky both said that they have traced many of DarkHotel's operations to East Asia. In addition to targeting the WHO, the hacking group has also targeted government employees and business executives in China, North Korea, Japan and the US.
Gaining the credentials of a WHO employee could be quite useful to DarkHotel or other hacking groups, so the chance of additional cyberattacks being launched against the organization remains high.
- Also check out our complete list of the best antivirus software
Via Reuters
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.