The World Health Organization (WHO) has attracted the notice of cybercriminals as the worldwide COVID-19 pandemic continues to play out, with a doubling of attacks recently, according to officials there. Problematically, evidence has also now surfaced that the DarkHotel APT group has tried to infiltrate its networks to steal information. Alexander Urbelis, cybersecurity researcher/attorney at Blackstone Law Group, told Reuters that he personally observed a malicious site being set up on March 13 that mimicked the WHO’s internal email system. Its purpose was to steal passwords from multiple agency staffers, and Urbelis noted that he realized “quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic.” The attack appeared to be aimed at achieving a foothold at the agency rather than being an end unto itself: “The criminals are attempting to create similar and convincing website and email domains to leverage fear and lure people to open attachments or click a link,” explained James McQuiggan, security awareness advocate at KnowBe4, via email. “This in turn can load malware onto their systems and cause systems to be compromised.” As for the “why” of the attack, which was thwarted, Kaspersky researcher Costin Raiu told Reuters that information about remediation for coronavirus – such as cures, tests or vaccines – would be invaluable to any nation-state’s intelligence officials. In line with that, unnamed sources told the outlet that…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-03-24 15:16:002020-03-24 15:16:00WHO Targeted in Espionage Attempt, COVID-19 Cyberattacks Spike
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org