"At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country," he said. Specific targets have included government employees and business executives in places such as China, North Korea, Japan, and the United States.Ĭostin Raiu, head of global research and analysis at Kaspersky, could not confirm that DarkHotel was responsible for the WHO attack but said the same malicious web infrastructure had also been used to target other healthcare and humanitarian organizations in recent weeks. United Nations agencies, the WHO among them, are regularly targeted by digital espionage campaigns and Aggio said he did not know who precisely at the organization the hackers had in their sights.Ĭybersecurity firms including Romania's Bitdefender and Moscow-based Kaspersky said they have traced many of DarkHotel's operations to East Asia - an area that has been particularly affected by the coronavirus. The motives in the case identified by Reuters aren't clear. The WHO published an alert last month - available here - warning that hackers are posing as the agency to steal money and sensitive information from the public.Īnd government officials in the United States, Britain and elsewhere have issued cybersecurity warnings about the dangers of a newly remote workforce as people disperse to their homes to work and study because of the coronavirus pandemic. "There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled." "There has been a big increase in targeting of the WHO and other cybersecurity incidents," Aggio said in a telephone interview. When asked by Reuters about the incident, the WHO's Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers. Messages sent to email addresses maintained by the hackers went unreturned. Urbelis said he didn't know who was responsible, but two other sources briefed on the matter said they suspected an advanced group of hackers known as DarkHotel, which has been conducting cyber-espionage operations since at least 2007. "I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic," he said. Urbelis said he picked up on the activity around March 13, when a group of hackers he'd been following activated a malicious site mimicking the WHO's internal email system. The attempted break-in at the WHO was first flagged to Reuters by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |