As reported by Reuters, elite hackers tried to break into the World Health Organization earlier this month, part of what a senior agency official said was a more than two-fold increase in cyberattacks. WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus, which has killed more than 15,000 worldwide.
The cyberattacks targeting the World Health Organisation amidst the COVID-19 pandemic are part of a worrying, if unsurprising, trend. Cybercriminals act outside of the boundaries of morality, and will not stop to exploit weaknesses in IT systems. Even as the rest of the world is uniting to combat this threat, cybercriminals are changing their attack scope to maximise the damage that they can do.
The cyber landscape, with its non-existent borders and limitless boundaries, demands that organisations take a more complete approach to protecting their systems. Real-time defence mechanisms are a crucial component but the first line of defence is always the workforce, with this particular attack designed upon the WHO’s internal email system.
Whilst phishing attacks decreased last year by 42% according to the SonicWall 2020 Threat Report, they are becoming increasingly targeted, as the WHO attack suggests. As a result, organisations of all sizes need to understand that a correct security posture starts with education.
Cybercriminals show no ethical boundaries and will continue to attack wherever there could be a vulnerability. What the cyber security industry needs to do now is come together and support each other. There is no better time to work collaboratively and share best practice. If the WHO are taken down, this pandemic could last longer than it needs to, so it is vital to help protect this organisation from attack.
Large technology companies sharing technologies at a time like this will help protect lives, and could even change the culture in the industry. This approach could in fact pave the way to a better future in security.