Spokesman Tarik Jasarevic yesterday told Express.co.uk hackers were targeting the WHO in multiple ways, including vishing [voice phishing], email phishing, WhatsApp phishing and social media scams. The Geneva-based health body is critical to the worldwide effort to halt the spread of the disease – and so anything which slows down its operation will, ultimately, endanger lives. So far the identity of the culprits remains unclear.
Mark Mulready, of cybersecurity specialists Irdeto told Express.co.uk: “Attribution is one of the most challenging aspects of cyberattacks.
“Known ransomware operators have stated that they will not target health and medical organizations during the COVID-19 pandemic.
“However there have already been reports that a hospital in the UK has been hit by Maze ransomware.”
Back Express.co.uk’s NHS Heroes campaign
The most likely scenario would be a state sponsored attack
Nevertheless, Mr Mulready added: “The most likely scenario would be a state sponsored attack.
“There have been numerous reports that Russia is linked to running a disinformation campaign around COVID-19.
“EU observers of Russian media have observed a significant amount of articles which contain false and misleading information regarding the coronavirus pandemic designed to incite unrest in the West.
“No doubt there will be detailed investigations ongoing regarding attribution for this attack on the WHO and we may hear more on this in due course.”
In such an uncertain climate, Mr Mulready drew a parallel with efforts to prevent transmission of coronavirus himself among people, using a phrase popularised by Dr Tedros Ghebreyesus, the WHO’s director-general.
Mr Mulready explained: “Global organisations need to behave just like humans to prevent attacks.
Katya Jones in social media return after supporting Neil Jones’ mum [INSIGHT]
Boris Johnson savaged over UK coronavirus lockdown move in poll [ANALYSIS]
Coronavirus job retention scheme: How does the scheme work? [OPINION]
“They need to increase their cyber hygiene levels.
“Don’t rely on systems with outdated and vulnerable software.
“Patch, patch, patch and test, test, test.
“Ensure you have a secure backup (which would not be automatically be impacted in case of a ransomware attack and test it) and have robust anti-phishing measures since most ransomware infections start with a mouse click by an employee.”
Russian hackers are widely blamed for having targeted the 2016 US Presidential election with a campaign of misinformation.
A report published by Microsoft in October blamed Fancy Bear, the Russian-sponsored hacker group, which Microsoft has named internally as Strontium, for “significant cyberattacks” on 16 national and international sports and anti-doping organizations, including the World Anti Doping Agency (WADA).
Tom Burt, Microsoft’s corporate vice president of customer security and trust, wrote: “The methods used in the most recent attacks are similar to those routinely used by Strontium to target governments, militaries, think tanks, law firms, human rights organizations, financial firms and universities around the world.
“Strontium’s methods include spear-phishing, password spray, exploiting internet-connected devices and the use of both open-source and custom malware.”
Speaking in 2017, Mr Putin said: “Artists may act on behalf of their country, they wake up in good mood and paint things.
“Same with hackers, they woke up today, read something about the state-to-state relations.
“If they are patriotic, they contribute in a way they think is right, to fight against those who say bad things about Russia.”
Source: Read Full Article