Hackers target WHO in phishing attack

SP

SP

Kıdemli Üye
29 Eki 2018
2,702
568
9YcH7m.png


A cyberattack that targeted the World Health Organization (WHO) is probably just the tip of the iceberg according to experts reacting to the news this week.

Reuters first broke the news that a hacking group had targeted WHO, which is the UN agency responsible for international public health. It has played a central role in the monitoring and mitigation of the COVID-19 pandemic in recent weeks.

WHO reportedly noticed the hacking attempt in mid-March. It involved an email front end hosted on a phishing domain that tried to lure the agency’s employees into logging handing over their login credentials.

According to Reuters sources, the attack likely came from Darkhotel, a group that according to MITRE has been active since at least 2004. The group, believed to be based in Southeast Asia, got its name by targeting high-value individuals as they travelled around the world by tracking their hotel bookings via compromised hotel web apps.

Experts aren’t surprised that nation-state actors would target WHO. Lance Spitzner, a certified instructor at cybersecurity training company SANS, tried to put the incident in perspective, telling us:

When you read about it, all the bad guy did was set up a phishing website that emulated the World Health Organization’s internal mail server to harvest logins and passwords.

Phishing attacks like this happen early on in the cyber kill chain, and the attackers reportedly failed. However, that doesn’t mean others won’t be more successful, warned Spitzner, who cited WHO as an important target because of the COVID-19 crisis. He said:

Every nation-state out there is going to want to know the latest and greatest on the coronavirus for political reasons, maybe military reasons or economic reasons. So I would be absolutely shocked if there were not about five nation states that are already in its network.

This isn’t the first health organisation that has suffered attacks during the health crisis. Mid-March also saw a DDoS attack on the US Department of Health and Human Services, along with a social media campaign spreading fake news about the health issue.

According to WHO officials talking to Reuters, the number of attempted cyberattacks against the agency has more than doubled recently. Phishing attacks have also targeted the public to distribute viruses and gather passwords. Earlier this month, the agency issued an advisory warning that criminals would try to impersonate it.​
 
Cevap yazmak için giriş yap yada kayıt ol.
Üst

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.