The global coronavirus/COVID-19 outbreak is not the only emergency recently faced by the World Health Organization (WHO). According to a report by the international news agency Reuters, the organization was the victim of a recent hacking attempt, which was later confirmed by Flavio Aggio, head of computer security.
The hacking attempt was reported by cybersecurity researcher Alexander Urbelis, who specialized in identifying suspicious activity on the Internet. Urbelis mentions that he discovered such malicious activity on 13 March, when a threat actor tried to use a fake website, passing it through WHO email system.
“I was able to timely identify the attempted attack against the organization, who managed to contain the incident and protect its IT infrastructure,” Urbelis says. Although the investigator did not mention details about the possible perpetrators of the attack, unofficial sources link this incident to the hacker group known as DarkHotel, active since 2007.
Attackers tried to extract login credentials from members from various areas of WHO to carry out subsequent attacks using the extracted information: “Even though there are no specific figures, the community agrees to the increase in attempts attack on WHO and other areas of the United Nations,” the researcher added.
A few weeks ago, WHO reported that a group of malicious hackers tried to unlawfully access their systems to extract sensitive information, besides performing unauthorized money transfers: “We ask governments, private companies and non-governmental organizations around the world to verify the provenance of any email apparently associated with the WHO,” a statement released by the organization said back then.
The chaos resulting from the coronavirus/COVID-19 pandemic has left multiple health organizations around the world vulnerable, as well as the infestation of thousands of fraudulent pages offering alleged vaccines or infection treatments that expose Internet users concerned about the current global health crisis.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.