RateCaptain
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
  • Contact Us
No Result
View All Result
Subscribe
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
  • Contact Us
No Result
View All Result
RateCaptain
No Result
View All Result
Home Technology

UN Computers Breached By Hackers

Rate Captain by Rate Captain
September 9, 2021
in Technology
Reading Time: 4 mins read
A A
0
Share on FacebookShare on TwitterShare on WhatsappShare on Telegram

AlsoRead

Telcos issue banks disconnection notice over USSD debt

Amazon Ring to Pay $5.8 Million Settlement over Privacy Violations, FTC Confirms.

Nigeria’s Leading Crypto Marketplace Patricia Suffers Severe Security Breach

Hackers breached the United Nations’ computer networks earlier this year and made off with a trove of data that could be used to target agencies within the intergovernmental organization.

The hackers’ method for gaining access to the UN network appears to be unsophisticated: They likely got in using the stolen username and password of a UN employee purchased off the dark web.

The credentials belonged to an account on the UN’s proprietary project management software, called Umoja. From there, the hackers were able to gain deeper access to the UN’s network, according to cybersecurity firm Resecurity, which discovered the breach. The earliest known date the hackers obtained access to the UN’s systems was April 5, and they were still active on the network as of Aug. 7.

“Organizations like the UN are a high-value target for cyber espionage activity,” Resecurity Chief Executive Officer Gene Yoo said. “The actor conducted the intrusion with the goal of compromising large numbers of users within the UN network for further long-term intelligence gathering.”

The attack marks another high-profile intrusion in a year when hackers have grown more brazen. JBS SA, the world’s largest meat producer, was hit by a cyberattack this year that forced the shutdown of U.S. plants. Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, also was compromised by a so-called ransomware attack. Unlike those hacks, whoever breached the UN didn’t damage any of its systems, but instead collected information about the UN’s computer networks.

Resecurity informed the UN of its latest breach earlier this year and worked with organization’s security team to identify the scope of the attack. UN officials informed Resecurity that the hack was limited to reconnaissance, and that the hackers had only taken screenshots while inside the network. When Resecurity’s Yoo provided proof to the UN of stolen data, the UN stopped corresponding with the company, he said.

The Umoja account used by the hackers wasn’t enabled with two-factor authentication, a basic security feature. According to an announcement on Umoja’s website in July, the system migrated to Microsoft Corp.’s Azure, which provides multifactor authentication. That move “reduces the risk of cybersecurity breaches,” an announcement on Umoja’s site read.

The UN didn’t respond to requests for comment.

The UN and its agencies have been targeted by hackers before. In 2018, Dutch and British law enforcement foiled a Russian cyberattack against the Organisation for the Prohibition of Chemical Weapons as it probed the use of a deadly nerve agent on British soil. Then, in August 2019, the UN’s “core infrastructure” was compromised in a cyberattack that targeted a known vulnerability in Microsoft’s SharePoint platform, according to a report by Forbes. The breach wasn’t publicly disclosed until it was reported by the New Humanitarian news organization.

In the latest breach, hackers sought to map out more information about how the UN’s computer networks are built, and to compromise the accounts of 53 UN accounts, Resecurity said. Bloomberg News wasn’t able to identify the hackers or their purpose in breaching the UN.

Bloomberg News did review dark web ads where users across at least three marketplaces were selling these same credentials as recently as July 5.

The reconnaissance carried out by the hackers may enable them to conduct future hacks or to sell the information to other groups that may seek to breach the UN.

“Traditionally, organizations like the United Nations have been targeted by nation state actors, but as cybercriminals are finding ways to more effectively monetize stolen data and as access to these organizations is more frequently available for sale by initial access brokers, we expect to see them increasingly targeted and infiltrated by cybercriminals,” said Allan Liska, a senior threat analyst at Recorded Future. Liska said he had seen the username and password for UN employees for sale on the dark web.

The credentials have been offered by multiple Russian-speaking cybercriminals, according to Mark Arena, chief executive officer of security-intelligence firm Intel 471. The UN credentials were being sold as part of a patch of dozens of usernames and passwords to various organizations for just $1,000.

“Since the start of 2021 we’ve seen multiple financially motivated cybercriminals selling access to the Umoja system run by the United Nations,” Arena said. “These actors were selling a broad range of compromised credentials from a multitude of organizations at the same time. In a number of previous occasions, we’ve seen compromised credentials being sold to other cybercriminals, who have undertaken follow up intrusion activity within these organizations.”

Previous Post

Minister Of Trade – Trade Ministry Considering Robust Roles In The Economy

Next Post

Facebook And Ray- Ban May Launch Smart Glasses On The 9th September

Related News

Telcos issue banks disconnection notice over USSD debt

Telcos issue banks disconnection notice over USSD debt

by Rate Captain
June 2, 2023
0

Telecommunication firms in Nigeria have issued a notice of disconnection to Deposit Money Banks (DMBs) due to an ongoing dispute...

Amazon Ring to Pay $5.8 Million Settlement over Privacy Violations, FTC Confirms.

Amazon Ring to Pay $5.8 Million Settlement over Privacy Violations, FTC Confirms.

by Rate Captain
June 1, 2023
0

Ring has stated that the employees involved in these breaches are no longer employed by the company, according to a...

Nigeria’s Leading Crypto Marketplace Patricia Suffers Severe Security Breach

Nigeria’s Leading Crypto Marketplace Patricia Suffers Severe Security Breach

by Rate Captain
May 28, 2023
0

Patricia, a prominent cryptocurrency marketplace in Nigeria, has fallen victim to a significant security breach that has compromised its financial...

Neuralink Receives FDA Approval for Human Brain Implant Clinical Trial.

Neuralink Receives FDA Approval for Human Brain Implant Clinical Trial.

by Rate Captain
May 26, 2023
0

Neuralink, the neurotech startup co-founded by Elon Musk, has achieved a significant breakthrough as it received approval from the Food...

Next Post

Facebook And Ray- Ban May Launch Smart Glasses On The 9th September

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

US Nation’s Employers Add 339,000 Jobs in May, Defying Market Expectations.

US Nation’s Employers Add 339,000 Jobs in May, Defying Market Expectations.

June 2, 2023
Ride-hailing Drivers in Nigeria Demand a Price Increase of 200%.

Ride-hailing Drivers in Nigeria Demand a Price Increase of 200%.

June 2, 2023

Popular Story

  • Providus Bank Plc Announces Graduate Management Trainee Program 2023/2024.

    Providus Bank Plc Announces Graduate Management Trainee Program 2023/2024.

    0 shares
    Share 0 Tweet 0
  • Ride-hailing Drivers in Nigeria Demand a Price Increase of 200%.

    0 shares
    Share 0 Tweet 0
  • Telcos issue banks disconnection notice over USSD debt

    0 shares
    Share 0 Tweet 0
  • US Nation’s Employers Add 339,000 Jobs in May, Defying Market Expectations.

    0 shares
    Share 0 Tweet 0
  • Telecom Operators Blame Communications Minister for Telecom Debt Crisis

    0 shares
    Share 0 Tweet 0
RateCaptain

RateCaptain

We bring you the most accurate in new and market data. Check our landing page for details.

  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
  • Contact Us

Copyright © 2022 RateCaptain - All rights reserved by RateCaptain.

No Result
View All Result
  • FX Rates
  • Money Market
  • Cryptocurrency
  • Commodities
  • Corporates
  • Contact Us

Copyright © 2022 RateCaptain - All rights reserved by RateCaptain.

?>