Hackers tried to break into the World Health Organisation (WHO) earlier this month, sources told Reuters – part of a two-fold increase in attacks levelled against the organisation.
The attackers set up an imitation website posing as an email login portal for WHO staff in order to snatch passwords. However, WHO chief information security officer Flavio Aggio said the effort was unsuccessful.
The attack was discovered by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, an organisation that monitors suspicious domain registration activity. The group’s activity was first spotted around 13 March.
It’s not yet totally clear who the hackers were, but sources told Reuters they suspected an advanced group of hackers known as DarkHotel, which has been orchestrating cyber-espionage operations since at least 2007.
One potential motivation for the attack could be obtaining information about tests or vaccines, which would be invaluable at this time.
Health organisations have been subject to increased cyber-threat as the coronavirus pandemic continues (despite some hacking groups graciously saying they’ll stop targeting the industry for now).
On 15 March, the US Department of Health and Social Science was hit with a cyberattack that aimed to disrupt its COVID-19 response.
A hospital in the Czech Republic which is responsible for processing coronavirus tests also suffered a cyberattack.
The spike in attacks could be the result of the cyber criminal’s callous calculation that hospitals and other health organisations would perhaps pay inflated ransoms in order to regain control of critical services at this desperate time.
Sign up to Emerging Threats, our weekly cyber security newsletter
Researchers eyed cyber criminals prepping for future attacks as far back as January when hackers began buying web domains almost identical to those used by the World Health Organisation or the Centre for Disease Control and Prevention.
But even before the coronavirus pandemic, reports indicated that health care is one of the biggest targets for both ransomware and cyber attacks. In 2017, Health Care Industry Cybersecurity Task Force convened by the US Department of Health and Human Services found that health care cyber security was in “critical condition.”
A 2020 report revealed that last year in the UK, 67 per cent of health care organisations experienced a cyber security incident.