MANILA, Philippines – The World Health Organization (WHO) has increasingly become the target of cyberattacks, with one hacking group attempting to steal the passwords of people staffing the agency.
WHO Chief Information Security Officer Flavio Aggio told Reuters on Tuesday, March 24, that the attack was unsuccessful, but the hackers themselves remain unknown at this time.
Aggio added this was just one attack in a number of varied attempts, telling Reuters, “There has been a big increase in targeting of the WHO and other cybersecurity incidents.”
“There are no hard numbers,” Aggio explained, “but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”
Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, flagged the attempted attack on WHO. The Blackstone Law Group tracks suspicious internet domain registration activity.
Urbelis noticed on March 13 that a group of hackers he was tracking activated a malicious site which appeared to mimic the internal email system of WHO. Said Urbelis of the discovery, “I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.”
Aggio later confirmed the site Urbelis discovered had been used to try and nab passwords from staffers at the organization.
While Urbelis doesn’t know who was behind the attempt, two sources briefed by Reuters said they suspected an advanced group of hackers going by DarkHotel was behind the attack attempt. DarkHotel has been engaging in cyber-espionage since 2007.
Messages sent to email addresses maintained by the hackers were not returned, however. – Rappler.com