THE World Health Organisation (WHO) has seen a dramatic five-fold increase in the number of cyberattacks and email scams since the pandemic was declared a major emergency at the end of January.
Around 450 active WHO email addresses and passwords were leaked online this week, said the organisation, along with thousands belonging to people working on a response to Covid-19.
WHO said the leaked credentials did not put systems at risk because the data were not current, but it did impact one of its older systems. The agency is now migrating the affected systems to a more secure one.
Scammers impersonating WHO in emails have increased their attacks on the general public, it said, trying to channel donations to a fictitious fund.
Its chief information officer, Bernardo Mariano, said: “Ensuring the security of health information for member states and the privacy of users interacting with us is a priority for WHO at all times, but also particularly during the Covid-19 pandemic. We are grateful for the alerts we receive from member states and the private sector. We are all in this fight together.”
READ MORE: WHO scheme to increase global access to potential Covid-19 vaccine
Earlier this month, hackers tried unsuccessfully to break into the agency’s computers, an attempt first flagged to Reuters by Alexander Urbelis, a cybersecurity expert and lawyer with a New York-practice that tracks suspicious internet domain registration activity.
Urbelis said he noticed the activity around March 13, when a group of hackers he’d been following activated a malicious site mimicking the WHO’s internal email system.
“I realised quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” he said.
Urbelis said he did not know who was responsible, but two other sources said they suspected an advanced group of hackers known as DarkHotel, which has been conducting cyber-espionage operations since at least 2007.
WHO chief information security officer, Flavio Aggio, confirmed that the site had been used in an attempt to steal passwords from multiple agency staff. “There has been a big increase in targeting of the WHO and other cybersecurity incidents,” he said. “There are no hard numbers, but such compromise attempts against us and the use of WHO impersonations to target others have more than doubled.”
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here