European security agencies believe state-sponsored hackers in Iran are behind a string of intrusion attempts at the World Health Organization (WHO). Since April 3, employees have received emails that purportedly were sent by researchers and news outlets but that actually contained malicious links.
The cybercriminals, with suspected ties to a group known as Charming Kitten, were likely trying to steal passwords or install malware on WHO computers. In the past month, the hacker gang has been sending emails about fake coronavirus research to researchers, journalists, and government officials, says Ohad Zaidenberg with Clearsky Cyber Security.
WHO has responded by closing some systems to prevent unauthorized access, expanding its computer security team, and contracting with multiple security firms. The steps come as U.S. and U.K. cybersecurity authorities issued a joint warning Tuesday that state-sponsored hackers were “actively targeting organizations involved in both national and international Covid-19 responses,” including academia and medical research organizations.