Login

Register

Login

Register

#cybersecurity | #infosec | WHO confirms credentials leak included staff working on COVID-19 response – | #cybersecurity | #informationsecurity


The World Health Organization (WHO) said the recent leak of 450 active WHO email addresses and passwords along with credentials of thousands working on the response to the coronavirus pandemic didn’t put the organization’s systems at risk.

Explaining that its systems were largely spared because “the data was not recent,” WHO said in a release that “the attack did impact an older extranet system, used by current and retired staff as well as partners.”

Credentials from WHO, the CDC and Gates Foundation recently started making their way onto the likes of 4chan, Pastebin and Twitter, with the latter taking steps to remove them earlier this week.

“The common ‘covid’ nature of the organizations targeted strongly suggests that they are old credentials that have been bundled to take advantage of” the pandemic, said Lucy Security CEO Colin Bastable, explaining that the credentials likely came from previous breaches where people used work emails on compromised third-party sites like hotel bookings and reward programs.

The global health group’s prominent role in responding to the spread of COVID-19 has made it a prime target for scammers. “The number of cyberattacks is now more than five times the number directed at the Organization in the same period last year,” WHO said. 

“The leaks may also be tied to political hostility to the Gates Foundation’s work on vaccinations and its participation in an October 2019 pandemic wargaming session, Event 201,” Bastable said. “So this ‘leak’ may be a politically motivated action designed to capitalize on the WHO’s woes and [Microsoft founder Bill] Gates’s drive to promote his Foundation’s vaccines combined with tech-based lockdown ‘passports.’”

WHO said it “is now migrating affected systems to a more secure authentication system” and is “working with the private sector to establish more robust internal systems and to strengthen security measures and is educating staff on cybersecurity risks.” 

While Craig Cooper, COO of Gurucul, said “it’s truly heartbreaking to have to divert resources from saving lives to saving PII data of WHO staff” at a time when the health of people around the globe is at risk, he maintained the leak “reinforces the need for every organization to secure their systems and data on a continuous basis with modern cyber defenses.”

Click here to go to the original source and author to this story.

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

.  .  .  .  .  .  . .  .  .  .  .  .  .  .  .  .   .   .   .    .    .   .   .   .   .   .  .   .   .   .  .  .   .  .

Posted in Breaking News, News Wire





Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW