Elite hackers tried to break into the WHO earlier this month, sources said, part of what a senior agency official said was a more than two-fold increase in cyberattacks.
The identity of the hackers was unclear and the effort was unsuccessful, WHO Chief Information Security Officer Flavio Aggio said.
However, he warned that hacking attempts against the agency and its partners have soared as they battle to contain COVID-19, which has killed more than 15,000 worldwide.
The attempted break-in at the WHO was first flagged to Reuters by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, which tracks suspicious Internet domain registration activity.
Urbelis said that he picked up on the activity around March 13, when a group of hackers he had been following activated a malicious site mimicking the WHO’s internal e-mail system.
“I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” he said.
Urbelis said he did not know who was responsible, but two other sources briefed on the matter said they suspected an advanced group of hackers known as DarkHotel, which has been conducting cyberespionage operations since at least 2007.
Messages sent to e-mail addresses maintained by the hackers went unreturned.
Asked by Reuters about the incident, Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers.
“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said in a telephone interview. “There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.”
The WHO published an alert last month warning that hackers are posing as the agency to steal money and sensitive information from the public.
Government officials in the US, Britain and elsewhere have also issued cybersecurity warnings about the dangers of a newly remote workforce as people disperse to their homes to work and study because of the coronavirus pandemic.
The motives in the case identified by Reuters are not clear.
UN agencies, the WHO among them, are regularly targeted by digital espionage campaigns and Aggio said that he did not know who precisely at the organization the hackers had in their sights.
Cybersecurity firms including Romania’s Bitdefender and Moscow-based Kaspersky said that they have traced many of DarkHotel’s operations to East Asia — an area that has been particularly affected by the coronavirus.
Specific targets have included government employees and business executives in places such as China, North Korea, Japan and the US.
Costin Raiu, director of global research and analysis at Kaspersky, could not confirm that DarkHotel was responsible for the WHO attack, but said that the same malicious Web infrastructure had also been used to target other healthcare and humanitarian organizations in the past few weeks.
“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,” he said.
Officials and cybersecurity experts have warned that hackers of all stripes are seeking to capitalize on international concern over the spread of the coronavirus.
Urbelis said that he has tracked thousands of coronavirus-themed Web sites being set up daily, many of them obviously malicious.
“It’s still around 2,000 a day,” he said. “I have never seen anything like this.”
DEADLOCK: Putin has vowed to continue fighting unless Ukraine cedes more land, while talks have been paused with no immediate results expected, the Kremlin said Russia on Friday said that peace talks with Kyiv were on “pause” as Ukrainian President Volodymyr Zelenskiy warned that Russian President Vladimir Putin still wanted to capture the whole of Ukraine. Meanwhile, US President Donald Trump said that he was running out of patience with Putin, and the NATO alliance said it would bolster its eastern front after Russian drones were shot down in Polish airspace this week. The latest blow to faltering diplomacy came as Russia’s army staged major military drills with its key ally Belarus. Despite Trump forcing the warring sides to hold direct talks and hosting Putin in Alaska, there
North Korea has executed people for watching or distributing foreign television shows, including popular South Korean dramas, as part of an intensifying crackdown on personal freedoms, a UN human rights report said on Friday. Surveillance has grown more pervasive since 2014 with the help of new technologies, while punishments have become harsher — including the introduction of the death penalty for offences such as sharing foreign TV dramas, the report said. The curbs make North Korea the most restrictive country in the world, said the 14-page UN report, which was based on interviews with more than 300 witnesses and victims who had
COMFORT WOMEN CLASH: Japan has strongly rejected South Korean court rulings ordering the government to provide reparations to Korean victims of sexual slavery The Japanese government yesterday defended its stance on wartime sexual slavery and described South Korean court rulings ordering Japanese compensation as violations of international law, after UN investigators criticized Tokyo for failing to ensure truth-finding and reparations for the victims. In its own response to UN human rights rapporteurs, South Korea called on Japan to “squarely face up to our painful history” and cited how Tokyo’s refusal to comply with court orders have denied the victims payment. The statements underscored how the two Asian US allies still hold key differences on the issue, even as they pause their on-and-off disputes over historical
Decked out with fake crystal chandeliers and velvet sofas, cosmetic surgery clinics in Afghanistan’s capital are a world away from the austerity of Taliban rule, where Botox, lip filler and hair transplants reign. Despite the Taliban authorities’ strict theocratic rule, and prevailing conservatism and poverty in Afghanistan, the 20 or so clinics in Kabul have flourished since the end of decades of war in the country. Foreign doctors, especially from Turkey, travel to Kabul to train Afghans, who equally undertake internships in Istanbul, while equipment is imported from Asia or Europe. In the waiting rooms, the clientele is often well-off and includes men
RSS