Loading
Breaking
Now Reading: CYBER ATTACK | Hackers linked to Iran target WHO amid coronavirus
CYBER ATTACK | Hackers linked to Iran target WHO amid coronavirus
April 2, 2020 , 11:36 PM

By Joseph Menn, Christopher Bing, Raphael Satter, Jack Stubbs

SAN FRANCISCO/WASHINGTON/LONDON (Reuters) – Hackers working in the interests of the Iranian government have attempted to break into the personal email accounts of staff at the World Health Organization during the coronavirus outbreak, four people with knowledge of the matter told Reuters.

It is not clear if any accounts were compromised, but the attacks show how the WHO and other organizations at the center of a global effort to contain the coronavirus have come under a sustained digital bombardment by hackers seeking information about the outbreak.

Reuters reported in March that hacking attempts against the United Nations health agency and its partners had more than doubled since the beginning of the coronavirus crisis, which has now killed more than 40,000 worldwide.

The latest effort has been ongoing since March 2 and attempted to steal passwords from WHO staff by sending malicious messages designed to mimic Google web services to their personal email accounts, a common hacking technique known as “phishing,” according to four people briefed on the attacks. Reuters confirmed their findings by reviewing a string of malicious websites and other forensic data.

“We’ve seen some targeting by what looks like Iranian government-backed attackers targeting international health organizations generally via phishing,” said one of the sources, who works for a large technology company that monitors internet traffic for malicious cyber activity.

WHO spokesman Tarik Jasarevic confirmed that personal email accounts of WHO staff were being targeted by phishing attacks, but said the WHO did not know who was responsible. “To the best of our knowledge, none of these hacking attempts were successful,” he said.

Iran’s government denied any involvement. “These are all sheer lies to put more pressure on Iran,” said a spokesman at Iran’s information technology ministry.

Karim Hijazi, chief executive of cyber intelligence firm Prevailion, shared his recently captured data with Reuters that shows a sophisticated hacking group was actively targeting the global health organization.

Reuters couldn’t independently confirm his analysis. Hijazi said the identity of the hackers was difficult to determine, although their techniques appeared advanced.

The intrusion attempts are distinct from others reported by Reuters last week, which sources said were thought to be the work of an advanced group of hackers known as DarkHotel that has previously been active in East Asia – an area that has been particularly affected by the coronavirus.

The motives of the hackers was not clear, but targeting officials at their personal accounts is a longstanding intelligence-gathering technique.

Other details in this phishing attempt point to links with Tehran. For example, Reuters found that the same malicious websites used in the WHO break-in attempts were deployed around the same time to target American academics with ties to Iran.

The related activity – which saw the hackers impersonate a well-known researcher – parallels cases Reuters previously documented where alleged Iranian hackers masqueraded as media figures from organizations such as CNN or The New York Times to trick their targets.

Iran has suffered an enormous loss of life from the coronavirus, and infections have reached the inner circle of the country’s leadership.

A person close to U.S intelligence said he was aware of the Iranian campaign and that such attacks are standard fare during times of international crisis.

While large prizes for intelligence agencies would include coronavirus response plans for various countries or word of effective treatments, more benign data, such as WHO estimates for infection rates, would also be valuable, the person said.

(Reporting by Joseph Menn, Christopher Bing, Jack Stubbs and Raphael Satter. Additional reporting by Stephanie Ulmer-Nebehay in GENEVA and Parisa Hafezi in ANKARA; editing by Chris Sanders and Edward Tobin)

More From News5
Ex-FHM model sa drug buy-bust
Nasabat sa dating modelo ang ilang pakete ng shabu, ecstacy at pipe para sa liquid shabu na ibinibenta raw sa online store.
Published On: March 2, 2020
2020 Tokyo Olympics, tuloy sa kabila ng banta ng COVID-19
Tiniyak ng local organizers na handa silang protektahan kontra COVID-19 ang libu-libong atleta na lalahok sa Olympics. For more videos, visit us at www.news5.com.ph.
Published On: March 2, 2020
Sen. Drilon, naghain ng concurrent resolution sa ABS-CBN franchise extension
Mas mabilis ang proseso sa concurrent resolution dahil pag-apruba lamang ng Kamara at Senado ang kailangan para mapalawig hanggang June 30, 2020 ang prangkisa ng ABS-CBN. | via Greg Gregorio. For more videos, visit us at www.news5.com.ph.
Published On: March 2, 2020
Apology ng ABS-CBN, tinanggap na ni Duterte
Tinanggap na ni Pres. Duterte ang paumanhin ng ABS-CBN sa hindi nito pag-ere ng kanyang political advertisements noong 2016 elections. Natanong din siya tungkol sa quo warranto petition ng Office of the Solicitor General na pinapawalang bisa ang prangkisa ng broadcast network. | via Maricel Halili For more videos, visit us at www.news5.com.ph.
Published On: March 2, 2020
Jovie Espenido, 'cleared' na sa droga sa region 6
Nilinaw ng PNP na hindi pa final ang desisyon dahil sa isasailalim pa sa national level validation ang pagkakadawit ni P/Lt. Col. Jovie Espenido sa drug watchlist. For more videos, visit us at www.news5.com.ph.
Published On: March 2, 2020
Pag-iingat ng simbahan vs. COVID-19 ngayong Semana Santa
Maraming simbahan ngayong Ash Wednesday ang ibinudbod sa bunbunan imbes na ipinahid sa noo ang abo bilang pag-iingat laban sa coronavirus disease. | via Jen Calimon. For more videos, visit us at www.news5.com.ph.
Published On: March 2, 2020
Kinompronta ni Calida ang isang ABS CBN reporter
"Ikaw, lagi mo akong binabanatan ha." Kinompronta ni Solicitor General Jose Calida ang isang reporter ng ABS-CBN nang manghingi ito ng kopya ng petition for quo warranto para sa pagpapawalang-bisa ng prangkisa ng network.
Published On: February 17, 2020
Nilinaw ni Sec. Panelo ang naging confusion sa pagkansela sa VFA
Ipinaliwanag ni Sec. Salvador Panelo na nagkalituhan daw sa tenses na ginamit kaya magkaiba ang naging pahayag nila ni Defense Sec. Delfin Lorenzana tungkol sa pagpapasa ng termination notice ng Visiting Forces Agreement sa Amerika. Sinabi rin ni Panelo na mas mahalagang malaman na hindi magbabago ang isip ng Pangulo sa isyu.
Published On: February 17, 2020
Babaeng astronaut na bumalik sa mundo, gumawa ng record
328 na araw nananatili sa space ang American astronaut na si Christina Koch. For more videos, visit us at www.news5.com.ph.
Published On: February 17, 2020
Inflation forecast para sa 2020, itinaas ng BSP
Posibleng pumalo sa 3% ang inflation o kabuuang pagtaas ng presyo ng mga bilihin at serbisyo ngayong taon, batay sa pagtataya ng Bangko Sentral ng Pilipinas. For more videos, visit us at www.news5.com.ph.
Published On: February 17, 2020
Top Stories
‘EXEMPLAR CHIEF EXECUTIVE’ | Bocaue mayor Joni Villanueva dies
(MAY 29, 2020) – Bocaue, Bulacan Mayor Joni Villaueva-Tugna died on Thursday. This was confirmed in a Twitter post by her party-mate PDP-Laba
Published On: May 29, 2020
LIMITED MASS TRANSPORT | Transpo under GCQ not 100% says DOTr
(MAY 28, 2020) – Transportation Secretary Arthur Tugade said public transportation will resume as Metro Manila shifts to a General Community
Published On: May 29, 2020
LESS RESTRICTIONS | Pres. Duterte places Metro Manila under GCQ
(MAY 28, 2020) – President Rodrigo Duterte approved on Thursday night the recommendation of the Inter-Agency Task Force to put Metro Manila,
Published On: May 28, 2020
MENTAL TOLL | More Pinoys having mental health issues during lockdown
(MAY 28, 2020) – The number of Filipinos having mental health issues increased since the imposition of the lockdown last March according to t
Published On: May 28, 2020
‘PRUDENT WAY’ | Opening schools in Denmark did not worsen outbreak, data shows
COPENHAGEN (Reuters) – A partial reopening of Danish schools did not lead to an increase in coronavirus infections among young students, a do
Published On: May 28, 2020