The World Health Organization is accused of looking the other way in China’s underreporting of coronavirus cases; Gillian Turner reports from Washington.
Get all the latest news on coronavirus and more delivered daily to your inbox. Sign up here.
The coordinated takedowns came as much of the world struggled with how to handle coronavirus and keep their economies from crashing.
Governments, global organizations as well as private sector companies moved their operations out of traditional workspaces and allowed their employees to log in from home. But by doing so, companies exposed themselves to serious security breaches, Chinese Internet security company Qihoo 360 reported.
The report said the attacks began in March on a Chinese VPN provider called SangFor, which is used by a number of Chinese governmental agencies.
“Since March this year, more than 200 VPN servers have been compromised and many Chinese institutions abroad were under attack,” Qihoo said. “In early April, the attack spread to government agencies in Beijing and Shanghai.”
Qihoo 360 said there had been victims in Afghanistan, Armenia, Ethiopia, India, Indonesia, Iran, Israel, Italy, Kyrgyzstan, Malaysia, North Korea, Pakistan, Saudi Arabia, Tajikistan, Thailand, Turkey, UAE, United Kingdom and Vietnam.
China’s Ministry of Foreign Affairs spokesman Zhao Lijian called for more international cooperation to protect sensitive information.
“The Chinese government has been resolutely cracking down on any form of cyberattacks and will step up measures to protect its cybersecurity,” South China Morning Post quoted him as saying.
In its report, Qihoo 360 speculated that the East Asia-based DarkHotel hacking group was behind the campaign to hack Chinese agencies as payback for coronavirus, which as of Tuesday afternoon has infected nearly 1.4 million people and killed more than 76,500 around the world.
DarkHotel, made up of elite hackers, has been on the cyberstalking and spying scene for more than a decade.
The group is also one of the main suspects behind the recent cyberattack attempt against the World Health Organization.
In that case, Alexander Urbelis, a cybersecurity expert and attorney with the New York-based Blackstone Law Group, picked up suspicious activity around the middle of March, when a group of hackers he had been monitoring activated a malicious site set up to look like it was the WHO’s internal email system.
“I realized quite quickly that this was a live attack on the World Health Organization in the midst of a pandemic,” he told Reuters.
Urbelis confirmed to the news agency that people were trying to steal passwords from multiple agency staffers.
The WHO published a report in March warning the public that hackers were trying to scam people out of money and sensitive information.