With the COVID-19 pandemic overtaking all news cycles and attention from world governments, information is the current currency that hackers value most. As such, the World Health Organization (WHO) has found itself at the center of an aggressive cyberattack that can be qualified as cyberespionage.
According to Reuters, earlier in the month of March, an “elite” group of hackers attempted to infiltrate the network of the WHO. The World Health Organization’s chief information security officer, Flavio Aggio, said that the attack was unsuccessful. Additionally, Aggio said that there has been a sharp increase in attempted attacks on the WHO’s network, most likely due to the ability to use insider information in phishing attempts against the public.
The specific statement that Flavio Aggio made to the media was as follows:
There has been a big increase in targeting of the WHO and other cybersecurity incidents…There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.
While Aggio was unsure of the identity of the attackers, some researchers have made an educated guess. Most prominently among such researchers are the research firms of Romania’s Bitdefender and Moscow-based Kaspersky Labs. Both firms point to a group called DarkHotel based on their known modus operandi.
There is no guarantee that this is the group, but after analyzing prior DarkHotel attacks in China, North Korea, Japan, and the United States, there is enough evidence to suggest the group is responsible. Especially with the original epicenter of the COVID-19 pandemic being East Asia, and with DarkHotel being intensely active in that region, there is ample proof to point the finger.
In an interview with Reuters, Costin Raiu, head of global research and analysis at Kaspersky Labs, stated the following regarding the group’s motives:
At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country.
As these cyberespionage attacks are only increasing in number, any developments regarding the World Health Organization’s security, or DarkHotel, will be reported on as new information emerges.
Featured image: Shutterstock