Hackers tried to infiltrate the networks of the World Health Organization (WHO) earlier this month in attempt to steal sensitive information from the global health agency.
Reuters claims it was tipped off by Alexander Urbelis, a cyber security expert and attorney with the New York-based Blackstone Law Group, about the hacking attempts against the WHO. Urbelis said that he noticed a live effort by hackers to attack WHO systems on 13th March.
According to Urbelis, on that particular day, hackers activated a malicious site which imitated the internal email system of the WHO.
Any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country
While the identity of the hackers could not be ascertained, some security experts believe that it could be the handiwork of 'DarkHotel' - a threat group that has been active since 2007 and has previously targeted several business entities and government agencies in the US, Japan, China, and other countries.
Flavio Aggio, the chief information security officer of WHO, confirmed that hackers had used a malicious website in an attempt to steal credentials of WHO employees.
While the hacking effort was unsuccessful, Aggio said that the agency has seen a two-fold increase in attempted cyber attacks against it since the start of coronavirus crisis.
Costin Raiu, head of global research and analysis at Kaspersky, revealed that the malicious web infrastructure used in this particular attack has also been used to target other healthcare organisations in recent weeks.
If you are contacted by a person or organisation that appears to be from WHO, verify their authenticity before responding
"At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organisation of an affected country," he said.
Last month, the WHO warned that hackers had been imitating its website. "Criminals are disguising themselves as WHO to steal money or sensitive information," the agency said. "If you are contacted by a person or organisation that appears to be from WHO, verify their authenticity before responding."
The US Health and Human Services (HHS) Department also revealed last week that it was recently hit by a cyber attack that seemed to be focused on hurting its ability to respond to coronavirus crisis.
The hackers didn't attempt to steal any data, but tried to overload HHS' systems with traffic with a distributed denial of service (DDoS) attack.
The Cybersecurity and Infrastructure Security Agency of the US Department of Homeland Security stated last week that it was taking all necessary steps to ensure that government systems are prepared to counter cyber attacks as more people start to work remotely during coronavirus outbreak.
Groups behind Netwalker switched phishing baits to coronavirus last week - as other ransomware groups pledged to avoid medical facilities
Almost 40 per cent of the attacks launched by the group, also known as Pawn Storm, launched over the past year targeted defence companies
The first attack was launched last month, and the compromise is still on-going
Eighty-five per cent of Microsoft Exchange Servers vulnerable to remote-code execution security flaw patched last month
Organisations warned to patch protect against CVE-2020-0688 as state-backed APTs start targeting vulnerable Exchange Servers
The watering-hole attacks might be on-going for the past several months, the researchers warn