Elite hackers target WHO as coronavirus cyberattacks spike
Elite hackers tried to break into the World Health Organization earlier this month, sources told Reuters, part of what a senior agency official said was a more than two-fold increase in cyberattacks.
WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus, which has killed more than 15,000 worldwide.
The attempted break-in at the WHO was first flagged to Reuters by Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, which tracks suspicious internet domain registration activity.
Urbelis said he picked up on the activity around March 13, when a group of hackers he’d been following activated a malicious site mimicking the WHO’s internal email system.
“I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” he said.
Urbelis said he didn’t know who was responsible, but two other sources briefed on the matter said they suspected an advanced group of hackers known as DarkHotel, which has been conducting cyber-espionage operations since at least 2007.
Messages sent to email addresses maintained by the hackers went unreturned.
When asked by Reuters about the incident, the WHO’s Aggio confirmed that the site spotted by Urbelis had been used in an attempt to steal passwords from multiple agency staffers.
“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio said in a telephone interview. “There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”
The WHO published an alert last month - warning that hackers are posing as the agency to steal money and sensitive information from the public.
And government officials in the United States, Britain and elsewhere have issued cybersecurity warnings about the dangers of a newly remote workforce as people disperse to their homes to work and study because of the coronavirus pandemic.
The motives in the case identified by Reuters aren’t clear. United Nations agencies, the WHO among them, are regularly targeted by digital espionage campaigns and Aggio said he did not know who precisely at the organization the hackers had in their sights.
Cybersecurity firms including Romania’s Bitdefender and Moscow-based Kaspersky said they have traced many of DarkHotel’s operations to East Asia - an area that has been particularly affected by the coronavirus. Specific targets have included government employees and business executives in places such as China, North Korea, Japan, and the United States.
Costin Raiu, head of global research and analysis at Kaspersky, could not confirm that DarkHotel was responsible for the WHO attack but said the same malicious web infrastructure had also been used to target other healthcare and humanitarian organizations in recent weeks.
“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,” he said.
Officials and cybersecurity experts have warned that hackers of all stripes are seeking to capitalize on international concern over the spread of the coronavirus.
Urbelis said he has tracked thousands of coronavirus-themed web sites being set up daily, many of them obviously malicious.
“It’s still around 2,000 a day,” he said. “I have never seen anything like this.”
source reuters
Latest Jobs
-
- Senior Penetration Tester - UK - Ability to achieve security clearance.
- United Kingdom
- To attract the right person
-
Senior Penetration tester, who has the ability to achieve security clearance. (Visa sponsorships NOT available - sorry) UK based - remote first - occasional travel. Red teaming experience desirable. The successful person needs to have a history of engaging directly with customers (consultancy experience) technical delivery of penetration tests AND report writing. Limited travel - company operates a remote first approach. Must be living in the UK. Not one of the usual names in the pen testing industry. Looking for someone highly technical but looking to grow and develop their skills. Apply here or Reach out to me on chris.holt@dclsearch.com or 07884666351 All details kept discreet
-
- Cloud Architect- German Speaker
- Hungary
- Upto €48000 per year + bonus + benefits
-
As a Senior Pre-Sales Solutions Architect, you will play a pivotal role in driving our sales success by translating complex technical solutions into compelling proposals that resonate with our clients. You will collaborate closely with our sales teams to understand customer needs, design tailored solutions, and negotiate successful deals. Responsibilities: Solution Design: Develop comprehensive technical solutions that align with customer business objectives and industry best practices. Proposal Development: Create compelling proposals, including requirements gathering questionnaires, presentation materials, and Statements of Work (SOWs). Customer Engagement: Build strong relationships with clients, understanding their technical, business, and commercial requirements. Collaboration: Work closely with sales teams, delivery teams, and third-party partners to ensure successful project execution. Pricing Strategy: Define and deliver pricing strategies that align with customer needs and company objectives. Requirements: Experience in technical pre-sales or sales support roles. Proven track record in designing and delivering successful customer solutions. Strong technical foundation in areas such as VMware, Azure, AWS, cloud computing, and data center technologies. Excellent understanding of sales principles, account management, and negotiation techniques. Ability to explain complex technical concepts clearly and concisely. Experience working in international teams and supporting clients across multiple regions. Fluency in German and English is essential. Benefits: Competitive salary and benefits package Opportunity to work on challenging and rewarding projects Collaborative and supportive work environment Potential for career growth and advancement Please note that this role is focused on supporting German clients, but will also involve global client support as needed.
-
- Solution Architect - OUTSIDE IR35 - Contract- SC / DV - London
- London
- OUTSIDE IR35
-
Solution Architect For a London based Contract This is an Outside IR35 project. MUST have a minimum of an ACTIVE - SC clearance and be willing to be put through DV clearance. 6 month rolling Immediate Experience delivering technical Security Architecture design / assurance of security design. Cross domain experience desirable HLD / LLD London commutable Immediately interviewing.
-
- Microsoft Sentinel Architect
- Netherlands
- discussed on applications
-
Microsoft Sentinel Architect We're seeking a talented and experienced Microsoft Sentinel Architect to be responsible for the design, deploy of a new Sentinel solution into an expanding Services business. As a key member of our team, you'll play a vital role in driving security operations and protecting clients' assets. Responsibilities: Solution Design:Develop comprehensive Microsoft Sentinel architectures aligned with our clients' specific needs and industry best practices. Deployment and Configuration:Oversee the deployment and configuration of Sentinel components, including data connectors, analytics rules, and playbooks. Integration:Integrate Sentinel with other security tools and platforms within our MSSP ecosystem. Tuning and Optimization:Continuously monitor and optimize Sentinel performance to ensure maximum effectiveness and efficiency. Training and Mentoring:Mentor junior team members and provide training on Sentinel technologies and best practices. Required Skills and Experience: Proven experience as a Microsoft Sentinel Architect with a deep understanding of its capabilities and limitations. Strong technical skills in Azure, security operations, and data analytics. Experience designing and implementing complex security solutions, into a services environment Knowledge of threat intelligence, incident response, and compliance frameworks. Excellent communication and problem-solving skills.