Hackers target World Health Organisation amid coronavirus pandemic

World Health Organisation (WHO) Chief Information Security Officer Flavio Aggio has confirmed that hackers attempted to break into the organisation earlier this month, Reuters reports.

Cybersecurity expert Alexander Urbelis said he had detected suspicious activity on 13 March when hackers he had been tracking began mimicking the WHO and its internal email system.

“I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” said Urbelis.

While Urbelis said he was unaware who was responsible, other sources told Reuters that they suspected a group called DarkHotel.

Kaspersky head of global research and analysis Costin Raiu could not confirm that DarkHotel was responsible, but told Reuters that the group had targeted other humanitarian entities in the past.

“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,”.

Increase attacks on WHO

Aggio confirmed that Urbelis’ observations were correct and that the malicious parties had tried to steal passwords from WHO staff members. He said this comprised a more general increase in the targeting of the WHO’s cybersecurity measures in the midst of the COVID-19 coronavirus.

“There has been a big increase in the targeting of the WHO and other cybersecurity incidents,” said Aggio.

“There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

Protect yourself against scams

The WHO had previously warned that criminals were pretending to be the WHO to steal money and personal information.

It said that if you are approached by someone who claims to be from the WHO, you should verify whether this is actually true before responding.

It added that the WHO will never do the following:

  • Ask for your username or password to access safety information.
  • Email attachments you didn’t ask for.
  • Ask you to visit a link outside of www.who.int.
  • Charge money to apply for a job, register for a conference, or reserve a hotel.
  • Conduct lotteries or offer prizes, grants, certificates or funding through email.

You can also verify if communication is genuine by visiting one of the two following links: