One of the major shifts that the cybersecurity threat landscape has seen in recent months is the focus on COVID-19. This follows logically considering that cybercriminals tend to focus on what is the most present in the global population’s mind. A viral pandemic is certainly something that qualifies, and as a result, most cybercrime is at least tangentially related to this health crisis. In one particular example, the World Health Organization (WHO) has seen a massive increase in cyberattacks from all fronts. Just recently, the WHO reported that a cyberattack resulted in the leaking of credentials of employees.
This knowledge was made known publicly via the WHO’s official website in a press release. The release said this specifically about the nature of the leaked credentials:
This week, some 450 active WHO email addresses and passwords were leaked online along with thousands belonging to others working on the novel coronavirus response. The leaked credentials did not put WHO systems at risk because the data was not recent. However, the attack did impact an older extranet system, used by current and retired staff as well as partners. WHO is now migrating affected systems to a more secure authentication system.
In the same press release, the WHO confirmed that it has seen a “fivefold increase” in cybersecurity attacks. Experts believe that a variety of factors contribute to this. Speaking with SCMagazine, Lucy Security CEO Colin Bastable gave his opinion on the reason for the increase.
He pinpointed two primary driving factors, the first being cybercriminals looking for any avenue to gain more ways to social engineer. These credentials allow for faking of emails and advertisements used in phishing scams. Bastable’s second reason was political. According to the Lucy Security CEO, Bill Gates’ affiliation with the WHO is possibly inspiring politically motivated hacking:
The leaks may also be tied to political hostility to the Gates Foundation’s work on vaccinations and its participation in an October 2019 pandemic wargaming session, Event 201… ‘leak’ may be… designed to capitalize on the WHO’s woes and [Microsoft founder Bill] Gates’s drive to promote his Foundation’s vaccines combined with tech-based lockdown ‘passports.’
The World Health Organization is likely only going to see further cyberattacks increasing in an exponential rate, at least until the crisis is over.
Featured image: Wikimedia