WHO on cyber risks

by Mark Rowe

The WHO (World Health Organization) says that it is educating staff on cybersecurity risks, after some 450 active WHO email addresses and passwords were leaked online, along with thousands belonging to others working on the coronavirus response.

The WHO says that while the leaked credentials did not put WHO systems at risk because the data was not recent, the attack did impact an older extranet system, used by current and retired staff as well as partners. The WHO is now migrating affected systems to a more secure authentication system.

Scammers impersonating WHO in emails have also increasingly targeted the general public, to channel donations to a fictitious fund and not the authentic COVID-19 response fund. The number of cyber attacks is now more than five times the number directed at the Organization in the same period last year, the WHO adds.

Bernardo Mariano, WHO’s Chief Information Officer, says: “Ensuring the security of health information for Member States and the privacy of users interacting with us is a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from Member States and the private sector. We are all in this fight together.”

Meanwhile hackers have donated over $5,000 of their bounties earned from real-world vulnerabilities to the WHO’s fund.

Comment

James McQuiggan, Security Awareness Advocate at phishing awareness company KnowBe4, says: “With the on-going coronavirus pandemic, criminal groups are enticed to increase their social engineering and phishing email scams. The criminals pretend to be from the WHO and rely on people’s fears for information and lure them into opening attachments or clicking the links. Which, in turn, loads malware onto their computers and compromises the systems.

“It is recommended that everyone be alert to these types of scams and ignore emails relating to this kind of information and, instead, rely on trusted sources and organisations that are providing accurate information relating to this pandemic. Do not rely on the link provided. Preferably the best action to take is to visit the website by a Google search or a bookmarked address from a previous visit.

“Organisations, including the WHO, want to have a layered, defence-in-depth security model established which utilises technologies to prevent and detect any attacks. Equally important in this tiered model is a security awareness training program for employees so that they not only understand the threats posed but can identify and report any suspected attacks.”

Visit: www.who.int/covid-19.

The fraud advisory service membership group Cifas is warning potential donors not to send money by Bitcoin and never to make donations by email, but instead to make payments directly through the WHO website.

Cifas adds that a number of ‘Covid-19 quizzes’ are circulating on social media claiming to test a person’s knowledge about the pandemic. The quiz is designed to extract personal information and includes questions unrelated to the pandemic such as mother’s maiden names, family information and names of pets, and also asks for email addresses and telephone numbers. Cifas is reminding the public never to provide personal information to anyone as it can be used by fraudsters to commit identity fraud.

Anyone who has received a suspicious email can report it to the UK’s official Suspicious Email Reporting Service, recently set up by the National Cyber Security Centre (NCSC): [email protected].

Amber Burridge, Head of Intelligence for Cifas, said: ‘Fraudsters are always quick to spot new opportunities, and many are now using the coronavirus pandemic to prey on people’s fear and uncertainty to obtain money and personal information.

‘If you do get a request for money or information and you cannot confirm it is legitimate, then don’t be afraid to challenge it. My advice is to stay vigilant and remember that criminals are changing their tactics on an almost daily basis – so the scams you are seeing today probably won’t be the ones you’ll see tomorrow.’

© 2024 Professional Security Magazine. All rights reserved.