Amid the global spread of the coronavirus, Iranian-linked hackers have attempted to break into the accounts of members of the World Health Organization, several officials told Reuters Thursday.
“We’ve seen some targeting by what looks like Iranian government-backed attackers targeting international health organizations generally via phishing,” one source told the news agency, using the term for a hacking technique that uses fake messages to trick users into clicking links or entering sensitive information that can be used to break into accounts and networks.
A spokesman for WHO, Tarik Jasarevic, confirmed there had been phishing attempts targeting staff’s personal emails, but added that, “To the best of our knowledge, none of these hacking attempts were successful.”
The Iranian government denied any responsibility, calling the accusations “sheer lies to put more pressure on Iran.”
Iran has been particularly hard-hit by the virus, and as of Thursday had reported 3,160 deaths, with more than 50,000 people infected.
After weeks of refraining from imposing a lockdown or quarantine measures, Tehran decided last week to ban all intercity travel until at least April 8. There is no official lockdown within Iran’s cities, although the government has repeatedly urged Iranians to stay at home to contain the spread of the virus.
President Hassan Rouhani warned at a cabinet meeting Thursday that the country may still battle the pandemic for another year.
Beyond attacks by state-linked actors, the abrupt move of millions of people to working remotely has sparked an unprecedented volume of cyber attacks to trick people into giving up credentials to attackers, according to security researchers.
“We’ve never seen anything like this,” said Sherrod DeGrippo, head of threat research for the security firm Proofpoint. “We are seeing campaigns with message volumes up to hundreds of thousands which are leveraging this coronavirus.”
The pandemic has created a perfect storm for cyberattacks, with millions of people working in unfamiliar, less secure circumstances and eager for information about the virus and new organizational policies being implemented.
This opens up a new avenue for malicious actors using phishing emails or “social engineering” to gain access or steal sensitive information.
Attackers are taking advantage of people’s fears about COVID-19 with scare tactics to get people to click on malicious links or attachments, but also playing on sympathies with fake crowdfunding pages purported to be for people who have fallen ill, according to Tom Pendergast of the security and privacy training firm MediaPRO.
The potential for costly cyberattacks has prompted warnings for stepped up vigilance. The French public-private cybersecurity alliance this week warned businesses to be alert for fake emails related to purported orders or bank transfers, or phone calls aimed at obtaining financial account information.
The US Department of Homeland Security issued an alert this month warning that the COVID-19 epidemic has increased threats and that “cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information.”