Neo-Nazis post 'hacked emails from WHO' and others amid coronavirus pandemic

Extremism analysts say thousands of email address were leaked in online data dump

epa08340305 Malaysian Health official looks at a sample at a drive through COVID-19 testing site at a KPJ Ampang Puteri hospital in Kuala Lumpur, Malaysia, 03 April 2020. World Health Organisation (WHO) expected Covid-19 hospitalised cases in Malaysia to peak in mid-April.  Countries around the world are taking increased measures to stem the widespread of the SARS-CoV-2 coronavirus which causes the Covid-19 disease.  EPA/AHMAD YUSNI
Powered by automated translation

Thousands of World Health Organisation email addresses have been hacked just days after senior security officials at the agency said there had been a two-fold increase in cyber attacks.

Since the start of the coronavirus pandemic, there has been a dramatic increase in hacking attempts on international bodies co-ordinating the global response.

The WHO warned in February that cybercriminals were posing as officials from the organisation in a bid to steal money and information.

"WHO email addresses registered in external systems and applications were hacked and made public," the agency told The National on Wednesday.

The WHO said 6,835 email address were made public online on Tuesday, of which 2,712 belong to the WHO but only 457 were valid and active accounts.

“The WHO cybersecurity team ran a verification program to check the exposed email addresses and passwords against authentication services and found that none of the 457 WHO credentials had been compromised,” the body said in a statement. “As a precaution, passwords have now been reset for the 457 users whose email addresses were exposed.”

The confirmation from WHO came hours after SITE Intelligence, an organisation that monitors terrorist and extremist groups, reported that 25,000 email addresses and passwords belonging to WHO, the Gates Foundation, the World Bank and several other organisations working on the pandemic response had been made public.

SITE Intelligence reported the hack but said it could not verify if the data were authentic. The Washington Post reported that Robert Potter, an Australian cybersecurity expert, verified the information posted online.

The Gates Foundation has not relied to a request for comment.

SITE head Rita Katz said that neo-Nazi groups had posted the information to 4Chan, a prominent online messaging board used by the far-right, and then to text-pasting websites.

She said that as well as the WHO emails, 5,120 World Bank, 269 Gates Foundation, 6,857 US Centres for Disease Control, 9,938 from the US National Institute of Health and 21 from the Wuhan Institute of Virology were also included in the data dump.

The Washington Post reported that the information was leaked on Sunday and Monday and was quickly picked up in an attempt to hack the accounts by far-right extremists.

While major international organisations are regularly targeted by hackers, experts say that at times of crisis the number of attempts dramatically increases.

“At times like this, any information about cures or tests or vaccines relating to coronavirus would be priceless and the priority of any intelligence organization of an affected country,” Costin Raiu, head of global research and analysis at Kaspersky internet security company, told Reuters in March.

Reuters also reported that hackers tied to Iran tried to steal passwords from WHO staff by sending malicious messages designed to mimic Google services to their personal email accounts.

"We’ve seen some targeting by what looks like Iranian government-backed attackers targeting international health organisations generally via phishing," said a source from a large technology company that monitors malicious cyber activity.

In the UAE, the Telecommunications Regulatory Authority said there had been an 11 per cent rise in cyber attacks in March.

Amid increased concerns as more companies work remotely due to stay-at-home orders, several global businesses have warned staff not to use programmes such as internet calling service Zoom amid fears about security. Google has banned staff from using the calling service and Singapore stopped teachers using the system.