Hackers target WHO as coronavirus spread surges

News
By published

Attacks on the organisation have dramatically increased since a pandemic was declared

WHO logo

The World Health Organisation (WHO) revealed it had been the target of an unsuccessful hacking attempt that occurred at the start of March, as the coronavirus went from outbreak to pandemic.

The organisation's CISO, Flavia Aggio, told Reuters that it wasn't clear who had attempted to breach the WHO's security, but hacking attempts against the agency and its partners have doubled since the outbreak.

This latest attempt was first spotted by Alexander Urbelis, a cyber security expert and attorney with New York-based Blackstone Law Group. Urbeils had been following a group of hackers and spotted a malicious site mimicking the WHO's internal email system around 13 March.

Urbelis couldn't confirm who was behind the attack, but another unnamed source told Reuters they suspected an elite group known as DarkHotel.

There is very little detail on DarkHotel, but according to Securelist it's been operating since at least 2007 and has an alarming success rate with phishing campaigns.

The timing of this latest attack could not come at a worse time for the WHO, as COVID-19 spreads around the world, but this is just one of a number of attempts to breach its security.

The coronavirus outbreak is the cloud's chance to shine How can big companies fight hackers? What is phishing?

"Criminals are disguising themselves as WHO to steal money or sensitive information," the organisation wrote in a blog post. "If you are contacted by a person or organisation that appears to be from WHO, verify their authenticity before responding.

"The only call for donations WHO has issued is the COVID-19 Solidarity Response Fund, which is linked to below. Any other appeal for funding or donations that appears to be from WHO is a scam."

Despite the global pandemic, cyber criminals are showing no ethical boundaries and will continue to attack wherever there could be a vulnerability, according to cyber security expert Jake Moore.

"What the cyber security industry needs to do now is come together and support each other," he said. "There is no better time to work collaboratively and share best practice. If the WHO is taken down, this pandemic could last longer than it needs to, so it is vital to help protect this organisation from attack."

Bobby Hellard
Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.

Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.

‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.

Businesses must get better at sharing cyber information, urges former GCHQ chief
A Dell Inspiron 14 AI PC pictured inside a Best Buy store on Black Friday in Pinole.

AI PCs are becoming a no-brainer for IT decision makers
See more latest
Most Popular
Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.
‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.
Businesses must get better at sharing cyber information, urges former GCHQ chief
A Dell Inspiron 14 AI PC pictured inside a Best Buy store on Black Friday in Pinole.
AI PCs are becoming a no-brainer for IT decision makers
Wifi symbol, internet connection, business, global communication, mobile network, 5g, mobile phone
94% of Wi-Fi networks are vulnerable to deauthentication attacks
UK Prime Minister Keir Starmer speaking during a Q&A session after delivering a speech on plans to reform the civil service, during a visit to Reckitt Benckiser Health Care UK.
Starmer bets big on AI to unlock public sector savings
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background
February was the worst month on record for ransomware attacks – and one threat group had a field day
Programming code and big data wave on a black background.
Open source security in the spotlight as UK gov publishes fresh guidance
Cartoon-style recruitment concept image showing male job candidate sitting across desk from female hiring manage during an interview.
Tech talent shortages mean firms are scrapping traditional recruitment strategies
Agentic AI concept image showing human brain split in two halves, with one side digitized on a grid pattern and the other illuminated in yellow with brainwaves emitting.
National Grid investment wing backs AI startups to boost energy efficiency
Layoffs concept image showing line of cartoon-style laid-off workers leaving an office space with belongings in cardboard boxes.
Laid-off workers are ditching full-time work: 70% of staff caught up in brutal layoffs opted for part-time roles and freelance gigs – and flexibility was the big appeal for many