Earlier this year, hackers gained access into the United Nations’ computer network and stole a trove of data, according to researchers from Resecurity.
Reported by Bloomberg, the threat actors gained access by simply using login credentials stolen from a UN employee.
The credentials belonged to an account on the UN’s proprietary project management software named Umoja. The hackers were then able to obtain further access to the UN’s network from there. It is said the hackers had access to the UN’s servers as early as April 5, and were active on the network as of August 7.
“Organizations like the UN are a high-value target for cyber-espionage activity,” Resecurity Chief Executive Officer Gene Yoo said. “The actor conducted the intrusion with the goal of compromising large numbers of users within the UN network for further long-term intelligence gathering.”
No evidence was found to suggest that the attackers had damaged the UN’s network.
Upon reporting the security incident to the UN, Resecurity worked with the organiation’s security team to determine the scale of the attack.
“Traditionally, organizations like the United Nations have been targeted by nation state actors, but as cybercriminals are finding ways to more effectively monetize stolen data and as access to these organizations is more frequently available for sale by initial access brokers, we expect to see them increasingly targeted and infiltrated by cybercriminals,” said Allan Liska, a senior threat analyst at Recorded Future.
PrivSec Global is back for another 2 information-packed days, featuring a series of brand new topics and themes.