And one expert has hinted the culprits may even be state-sponsored groups trying to steal information about a possible vaccine or other treatments. Flavio Aggio, the WHO’s chief information security officer, said the identity of the hackers had yet to be established but stressed the latest attempt had been unsuccessful. However, he wanted cyber-crooks had stepped up efforts to target the agency just as it has stepped up its efforts to stop the spread of the disease, which has killed 15,000 people worldwide so far.
The alarm was initially raised by Alexander Urbelis, an attorney with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity.
Mr Urbelis said he noticed the activity beginning March 13, when he realised aa group of hackers he had been following had activated a malicious site which mimicked the WHO’s internal email system.
He added: “I realised quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”
WHO spokesman Tarik Jasarevic told Express.co.uk: “There are multiple ways attackers are exploiting the current Covid-19 situation via multiple impersonation approaches: vishing [voice phishing], email phishing, WhatsApp phishing, social media.
“When we receive such information we confirm that the attempt was fraudulent and advise to communicate with local authorities.”
Mr Urbelis has tracked thousands of coronavirus-themed web sites set up every day, many of them clearly malicious.
He said: “It’s still around 2,000 a day. I have never seen anything like this.”
There are no firm indications as to who is behind the attacks, but two sources briefed on the matter pointed the finger at a shadowy group known as DarkHotel, which has carried out cyber-espionage since at least 2007.
Cybersecurity firms in Romania and Russia have said they have traced many of DarkHotel’s operations to East Asia – an area particularly affected by the pandemic.
Targets have included government employees in China, North Korea, Japan, and the United States.
Costin Raiu, head of global research and analysis at Moscow-based cybersecurity company Kaspersky, hinted the motives might even go beyond straight, money-orientated criminality.
Coronavirus: How France and Germany are ‘most exposed’ to pandemic [ANALYSIS]
EU crisis: BBC’s Adler explains how coronavirus sparked Brussels row [INSIGHT]
Italian journalist accuses Germany of coronavirus cover-up: ‘Shame!’ [REVEALED]
He explained: “At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country.”
In a statement issued on the WHO’s website, the WHO states: “The only call for donations WHO has issued is the COVID-19 Solidarity Response Fund, which is linked to below.
“Any other appeal for funding or donations that appears to be from WHO is a scam.”
Mark Mulready, vice president, cybersecurity services at cybersecurity company Irdeto, told Express.co.uk: “The WHO is on the frontline, fighting the novel Coronavirus (COVID-19) spread response within countries across the world. A cyber-attack could include a ransomware attack and potentially result in data loss and loss of information, which are critical components in fighting such a global pandemic.
“The potential damage of ransomware could mean that the WHO could fail to functionally operate, and its staff could not perform their duties.
“As the WHO is a convener and coordinator of responses throughout the world, data loss would mean that years of research would be lost, severely impacting the flow of information and knowledge sharing, and WHO might be at risk of losing control.
“The WHO has cybersecurity measures in place and advisory warnings are issued periodically; however, any attack could discredit the work of the WHO, adding to the global confusion, making the fight against COVID-19 increasingly difficult.
“The greatest challenge right now is disinformation. The integrity, reliability and trustworthiness of the WHO’s information is critical in their efforts to deal with the COVID-19 pandemic. Any disinformation would have a highly disruptive impact and could put lives at risk.”
The WHO has also issued a series of guidelines.
These stressed the agency will never:
- Ask for usernames or passwords to access safety information
- Email unrequested attachments
- Ask users to visit a link outside of www.who.int
- Charge money to apply for a job, register for a conference, or reserve a hotel
- Conduct lotteries or offer prizes, grants, certificates or funding through email
Source: Read Full Article