The organization admits experiencing sophisticated cyberattacks after Media Leaked Details.
The United Nations (UN) is regarded as an all-talk-no-action organization primarily because of its utter failure in protecting the developing world from destruction at the hands of and dictators and superpowers. However, it seems that the organization is as helpless in its internal matters as it is towards world issues.
According to the UN’s internal confidential report, the organization was the target of a “sophisticated” cyberattack in 2019. Reportedly, the organization is still trying to find out the extent of data loss and the identities of the hackers. The UN report was apparently leaked to The New Humanitarian and The Associated Press (AP) was able to access it from there.
As per the details of the attack shared by AP, a group of hackers exploited Microsoft SharePoint’s vulnerability and used an unidentified malware to access the UN’s servers in its Vienna and Geneva offices and the UN High Commissioners for Human Rights office.
The human rights office is where sensitive data related to human rights abuse is collected and stored. The attack occurred in July 2019 and resulted in compromising the organization’s “core infrastructure components.” The offices have a total of 4,000 employees.
The AP reported that during the espionage operation, dozens of servers were compromised. Furthermore, it is most likely that the hacker behind the spying campaign was state-sponsored. What’s most disturbing is the fact that the organization chose not to disclose details of the attack until the AP and The New Humanitarian obtained internal documents and reported about it.
As per a UN spokesperson, the nature and scope of the attack haven’t been determined yet and it was the UN’s decision to not disclose the security breach publicly.
In a comment to HackRead, Craig Hinkley, CEO, WhiteHat Security, said “In a tense geo-political climate, nation-state attacks are on the rise, and this comes as no surprise. These attacks have the potential to cause serious havoc to systems around the world, often targeting critical infrastructure like power grids and industrial control systems, as well as government agencies.”
“With the focus of today’s headlines on the United Nations, it appears the international entity has been targeted with malware that was potentially leveled through an application vulnerability in MS SharePoint. For years, these app vulnerability attacks have successfully disrupted operations and leaked sensitive information,” Craig pointed out.
“While security teams investigate which country may have launched this attack, our job as security professionals is to recognize that the threats are bigger than just one country. This is a global problem that we’re contending with, and staying ahead of nation-state attacks is fundamentally a matter of proactively taking steps and using vigilance to limit the impact of an attack.”
“WhiteHat Security has the resources, technology, and services to help the U.N. and other agencies defend against sophisticated cyberattacks like this one. We’re actively partnering with the public sector to defend against rising nation-state attacks by offering our dynamic application security testing (DAST) and an entry-level static application security testing (SAST) solution to agencies at no charge.”
A former US government hacker Jake Williams assessed the attack and concluded that it seems like an espionage operation in which hackers were able to evade detection by deleting the logs that could have stored information about their intrusion.
It is reported that the hackers downloaded approx. 400GB of data, which includes sensitive employee-related information. However, the exact contents of the hacked database are yet unknown to the organization. The organization has asked its employees to change their passwords and the targeted systems have been reinforced as well.