In what appears to be a trend of attacks on health organizations fighting the novel coronavirus (COVID-19) pandemic, an unidentified "elite team" of hackers apparently used a fake site that "mimicked WHO's internal email system" in an attempt to steal passwords from agency staffers. This revelation follows shortly on the heels of a largely unsuccessful attack against the U.S. Health and Human Services (HSS) agency.
WHO, which is an agency of the United Nations, has been at the forefront of education and outreach regarding the global health crisis.
It is suspected that the group responsible for the attempt is one called Darkhotel, which is believed to originate out of South Korea and is known mostly for its targeting of business executives in Asia and Russia, according to Kaspersky Labs.
While some hacking groups have claimed they will abstain from attacking health organizations during the COVID-19 outbreak, WHO CISO Flavior Aggio said that his organization has seen a "twofold" increase in attempted cyberattacks since they've been fighting the virus.
“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said, speaking with Reuters. “There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”
Hackers have also used the WHO's authority as a renowned health organization in their schemes, crafting lures and fake, malware-laden websites to take advantage of people looking for credible information about the spread of the virus.
The organization put out a release last month warning online visitors of criminals "pretending to be WHO."
