As the world faces a COVID-19 pandemic that has killed more than 15,000 people, a group of cybercriminals tried to hack the World Health Organization (WHO). Although the identity of the hackers is not yet clear, experts believe it is a group known as DarkHotel.
According to Alexander Urbelis, a cybersecurity expert at the Blackstone Law Group, in Reuters statements, cybercriminals tried to steal access credentials from WHO officials by creating a fake website that mimicked the organization's internal email system.
The news agency Flavio Aggio, WHO's Chief Information Security Officer, indicated that the number of cyber attacks that the organization and other United Nations entities have been experiencing has doubled since the crisis with COVID-19 began. The official confirmed that there was an attempt to steal information from employees through the website found by Alexander Urbelis.
According to Bitdefender and Kaspersky experts, the DarkHotel group appears to be located in East Asia. Among the targets of cybercriminals are government entities and companies in China, North Korea, Japan and the United States. Costin Raiu, responsible for the research and analysis department of the Russian cybersecurity company, said that the structure used in the WHO attack attempt had previously been used to attack other humanitarian organizations.
Cybercriminals have been taking advantage of changes in the population's lives due to COVID-19 to launch malicious attacks, disseminate false information and even circumvent users on multiple platforms. The European Commission recently announced that it is pooling efforts, in partnership with organizations such as the European Network and Information Security Agency (ENISA), Europol and CERT-EU, to ensure that citizens are protected from growing cyberameaas generated by the pandemic.
In Portugal, PJ and CNCS detected a new wave of fraudulent schemes that are trying to take advantage of the panic of some users regarding the pandemic. The authorities identified since the beginning of February this year several cyber attacks that explore the COVID-19 theme, which were previously identified by cybersecurity companies at an international level.
DECO also joined the appeals of the PJ and the CNCS. The association has alerted the public to how fraudulent schemes, such as applications that are supposed to accompany the evolution of the pandemic or with messages of miraculous cures for the disease, aim to access the data. "The first rule is to be suspicious, the second is to protect yourself", says DECO.