Site navigation

World Health Organisation Suffers Hacking Attempt on its Systems

David Paul


The World Health Organisation

The unidentified attackers used a malicious domain to mimic the agencies internal mailing system in an attempt to steal money and personal information.

The World Health Organisation (WHO) has suffered an unsuccessful hack attempt on its systems in what is part of a two-fold increase in cyberattacks during the coronavirus outbreak.

Hackers attempted to to mimic the organisation’s email system earlier this month, sending emails to unsuspecting targets hoping to steal money or gain access to personal information.

The hack was discovered by Alexander Urbelis, a cybersecurity expert and attorney with New York-based Blackstone Law Group, who discovered the attempt on the 13th of March.

WHO CISO Flavio Aggio confirmed that the site spotted by Urbelis had been used to steal passwords from multiple agency staffers.

Aggio told Reuters: “There has been a big increase in targeting of the WHO and other cybersecurity incidents.

“There are no hard numbers, but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.”

WHO released a statement, stating: “Criminals are disguising themselves as WHO to steal money or sensitive information. If you are contacted by a person or organisation that appears to be from WHO, verify their authenticity before responding.

“Beware that criminals use email, websites, phone calls, text messages, and even fax messages for their scams.

“WHO is aware of suspicious email messages attempting to take advantage of the COVID-19 emergency. This fraudulent action is called phishing.”


Anonymous sources said the attacks may have been caused by a group called DarkHotel, a cyber hacking group that has been carrying out such attacks for more than 10 years.

Costin Raiu, head of global research and analysis at Kaspersky, could not confirm that DarkHotel was responsible for the WHO attack, but said the same malicious web infrastructure had recently been used to target other healthcare and humanitarian organisations.

“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country,” he said.

WHO officials and cybersecurity experts have warned that hackers are seeking to capitalise on coronavirus concern.

Urbelis said he has tracked thousands of coronavirus-themed web sites, adding: “It’s still around 2,000 a day. I have never seen anything like this.”

David Paul

Staff Writer, DIGIT

Latest News

Data Protection Trending Articles
Energy Government
%d bloggers like this: