COVID-19 brings wave of cyberattacks against NGOs

BELFAST, Northern Ireland — Aid groups say they are coming under an increased number of cyberattacks as they try to work through the disruption of COVID-19.

NGO leaders said attackers are hoping to benefit from money intended for the pandemic response and capitalize on weaknesses caused by the disruption.

"We have definitely noticed an increase in cyberattacks and phishing attempts since many of our team members around the world have switched to working remotely," said Michael Boeglin, chief information officer at Mercy Corps, in an email.

“Attackers are taking advantage of the fear, confusion, and stress that people are experiencing during the pandemic by sending phishing, smishing [fraudulent text messages], and other types of attacks designed to capitalize on these fears. They know that people are distracted, seeking information from multiple sources, and generally more vulnerable at times like these,” he wrote.

Boeglin said Mercy Corps had seen an increase in cyberattacks and phishing emails related to the pandemic, such as requests for donations or chances to apply for government assistance.

Jagan Chapagain, secretary-general of the International Federation of Red Cross and Red Crescent Societies, said his organization had also seen a spike in attacks.

He cited two possible reasons: “One, this is the type of situation hackers try to use [because of] the money and donor contributions. ... Second, because a lot of people are also locked down in their own home, I think this is probably a fun attempt for [the hackers]. They have plenty of time to experiment with their skills.”

Last month, it was reported that the World Health Organization had been the target of an unsuccessful but sophisticated hack that imitated the U.N. agency’s internal email system.

WHO said it is experiencing double the normal amount of cyberattacks as scammers “take advantage of the COVID-19 emergency” by sending fraudulent email and WhatsApp messages in an attempt “to steal money or sensitive information.” It issued staffers advice on how to prevent security breaches, which included double-checking email addresses and links, verifying any suspicious communication with WHO directly, and not opening email attachments from the agency that were not requested.

While Catholic Relief Services hasn’t seen an increase in attacks, Vice President and Chief Information Officer Karl Lowe said the organization has similarly issued updated advice for staff. He said that cybersecurity requires a three-pronged approach covering people, processes, and technology — and that people are typically the weakest link, especially when overwhelmed or distracted, as might currently be the case.

As part of their cybersecurity training, both CRS and Mercy Corps simulate phishing attempts to identify those who may need a refresher.

“If this [situation] lasts much longer I do think we need to think about other ways of engaging both with the people and other technologies,” Lowe said, adding that this could mean rolling out more multifactor authentication and more robust screening tools.

The Canadian, U.S., and U.K. governments have all issued warnings about increased levels of cyberattacks during the crisis.

Visit our dedicated COVID-19 page for news, job opportunities, and funding insights.