While the world is paralysed in fear and heavily distracted by COVID-19, cybercriminals seem to have focused their attention on the WHO (World Health Organisation). Responsible for directing international public health within the United Nations, the primary objective of WHO is to ensure that all countries are advised on correct health procedures and are fully up to date on the health risks and threats that encompass the world.
Cybercriminals are seeking out ways to use the COVID-19 threat to mimic WHO and gain access to sensitive information, while taking advantage of panicked citizens the world over.
The Cyber-Attack on World Health Organisation
On the 13th of March 2020, cybersecurity researchers noted that a malicious site was set up mimicking the WHO internal email system. The main objective of this site seemed to be the theft of user names and passwords. Due to the nature of the attack, which seems focused on healthcare and humanitarian organisations, it appears that the hackers don’t have a financial motive in this instance, but rather an intent to gather data and intelligence.
Cybersecurity officials responding to the attack confirm that it was thwarted and suggest that the cyber-attack was possibly linked to nation state officials seeking intelligence. The source of the attacks were neither claimed nor confirmed, but it is clear that the objective was to gather information on tests, vaccines, and cures for the Coronavirus.
There is some suspicion that DarkHotel, a group first detected in 2014, was behind these attacks. The group is known to target corporates and diplomats using luxury hotel Wi-Fi networks.
The WHO Warns of Malware Scam
Since the onset of the COVID-19 pandemic, the WHO has been the target of many scams.
Cybercriminals have sent out a plethora of emails pretending to be WHO officials. These emails warn of the dangers of COVID-19 and request recipients to click on a link or open an attachment. Unfortunately, the communications are scams, an easy way to get concerned readers to unwittingly install HawkEye key-logging malware on their device.
Criminals Ramping Up Scamming Efforts
Cybercrime professionals have noticed that COVID-19 themed websites, in excess of 2 000 per day, are being set up by opportunistic criminals. There has also been an increase in botnet driven emails with malicious intent doing the rounds.
Protect Yourself
Fear surrounding the pandemic is being used to launch phishing and malware attacks the world over. Now more than ever before you need to protect yourself and your data, remain vigilant, and never interact with unsolicited emails received by health officials. If you do receive such an email, make contact with the organisation to confirm legitimacy of the email and communication.
In times of uncertainly, while criminals increase their efforts, it is important for citizens of the world (not just SA) to be vigilant, cautious and careful. Protect your personal data by erring on the side of caution.