WHO unsuccessfully targeted by hackers earlier this month: report

The World Health Organization (WHO) was unsuccessfully targeted by elite hackers earlier this month in the midst of the coronavirus pandemic, Reuters reported Monday.

WHO Chief Information Security Officer Flavio Aggio told Reuters that while the hacking effort was unsuccessful, the WHO has seen a spike in attempted cyberattacks since the coronavirus crisis began. 

“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” Aggio told Reuters. “There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.”

Reuters was tipped off to the attempted hack by Alexander Urbelis, a cybersecurity expert and attorney with Blackstone Law Group, who picked up on a live effort to hack the health agency on March 13. 

The identity of the hackers involved is not known, though according to experts contacted by Reuters, a cyber crime group known as “DarkHotel” is suspected of carrying out the attack. This hacking group has previously targeted officials and business in the U.S., China, Japan and North Korea.  

The WHO did not immediately respond to The Hill’s request for comment on the story. 

The attempted cyberattack comes after the Department of Health and Human Services (HHS) was targeted in a separate cyberattack earlier this month. HHS Secretary Alex Azar told reporters that the hackers involved were not able to penetrate any networks, and that there was no data breach. 

The WHO published an alert last month warning individuals to beware of “criminals disguising themselves as WHO to steal money or sensitive information.” The WHO noted that it would never send emails asking for usernames or passwords, or emails including attachments that an individual had not requested. 

These types of emails, known as phishing, have increasingly been used to target individuals due to concerns around the coronavirus.