COVID-19: WHO reports five-fold increase in cyberattacks, urges vigilance

COVID-19: WHO reports five-fold increase in cyberattacks, urges vigilance

Geneva, Apr 25: Since the start of the COVID-19 pandemic, WHO has seen a dramatic increase in the number of cyberattacks directed at its staff, and email scams targeting the public at large.

This week, some 450 active WHO email addresses and passwords were leaked online along with thousands belonging to others working on the novel coronavirus response.

The leaked credentials did not put WHO systems at risk because the data was not recent. However, the attack did impact an older extranet system, used by the current and retired staff as well as partners.

WHO is now migrating affected systems to a more secure authentication system.

Scammers impersonating WHO in emails have also increasingly targeted the general public to channel donations to a fictitious fund and not the authentic COVID-19 Solidary Response Fund.

The number of cyberattacks is now more than five times the number directed at the Organisation in the same period last year.

“Ensuring the security of health information for the Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic. We are grateful for the alerts we receive from the Member States and the private sector. We are all in this fight together,” said Bernardo Mariano, WHO’s Chief Information Officer.

WHO is working with the private sector to establish more robust internal systems and to strengthen security measures and is educating staff on cybersecurity risks.

WHO asks the public to remain vigilant against fraudulent emails and recommends the use of reliable sources to obtain factual information about COVID-19 and other health issues.