William Turton and Kartikay Mehrotra of Bloomberg report:
Hackers breached the United Nations’ computer networks earlier this year and made off with a trove of data that could be used to target agencies within the intergovernmental organization.
The hackers’ method for gaining access to the UN network appears to be unsophisticated: They likely got in using the stolen username and password of a UN employee purchased off the dark web.
Read more on Yahoo!
Update: There are some interesting updates to this story since it was originally published. It’s clear from reading the updated reporting that there have been multiple and concerning hacks of the U.N., and that when whitehats try to alert the U.N. or help secure the data, they are either ignored or criticized.
Example 1 (from the Bloomberg report):
According to Resecurity, company officials informed the UN of its latest breach earlier this year and worked with organization’s security team to identify the scope of the attack. The UN’s Dujarric said the international organization had already detected the attack.
UN officials informed Resecurity that the hack was limited to reconnaissance, and that the hackers had only taken screenshots while inside the network, according to Resecurity. When Resecurity’s Yoo provided proof to the UN of stolen data, the UN stopped corresponding with the company, he said.
The U.N. provided the following statement (via Bloomberg):
Example 2 (from Chris Vickery on Twitter):
I found some UN staff credentials in 2017 among a collection of UN server backups. They had been accidentally exposed to the public internet.
I notified federal law enforcement.
Days later the head of AWS security called me to complain and criticize my actions. https://t.co/ua7YYqr8PK
— Chris Vickery (@VickerySec) September 9, 2021
For a glimpse of just some of the other reports of hacks and incidents involving the U.N., take a look at DataBreaches.net’s list of posts.