Hackers Steal Data from United Nations

Written by

Hackers have broken into the computer network of the United Nations and made off with data, according to researchers at cybersecurity firm Resecurity

Bloomberg reports that the unidentified cyber-criminals behind the theft appear to have gained access simply by using login credentials stolen from a UN employee. 

Entry was gained by logging in to the employee’s Umoja account. Umoja, which means “unity” in Kiswahili, is the enterprise resource planning system implemented by the UN in 2015.

It has been theorized that the username and password used in the cyber-attack were purchased from a website on the dark web.

Gene Yoo, chief executive officer at Resecurity, said: “Organizations like the UN are a high-value target for cyber-espionage activity. 

“The actor conducted the intrusion with the goal of compromising large numbers of users within the UN network for further long-term intelligence gathering.”

Researchers found that the UN’s systems were first accessed by hackers on April 5, 2021, and that network intrusions continued to take place until August 7. 

No evidence was found to suggest that the attackers had damaged or sabotaged the UN’s computer network. The hackers seem to have been motivated instead by a desire to collect information. 

Resecurity said that after reporting the security incident to the UN, it worked with the organization’s security team to determine the scale of the intrusion. 

While the UN reportedly believes the attack was a reconnaissance mission by hackers who took nothing but screenshots of the organization’s compromised network, Resecurity researchers say that data was stolen in the incident. 

Yoo told Bloomberg that the UN ceased communicating with Resecurity after proof of data theft was provided to the organization.

“This attack had been detected before we were notified by the company cited in the Bloomberg article, and corrective actions to mitigate the impact of the breach had already been planned and were being implemented,” UN spokesman Farhan Haq told the DailyMail.com.

“At that time, we thanked the company for sharing information related to the incident and confirmed the breach to them.”

Haq added that the United Nations is frequently targeted by cyber-attacks, including sustained campaigns. 

What’s hot on Infosecurity Magazine?