Since April, cyber-criminals have been collecting data from the United Nations' internal system. Using a stolen employee's credentials obtained from a dark web site, threat actors accessed the servers of the international organization.
According to recent allegations, the login details, which included a username and password, were placed on the dark web for sale by Russian-speaking threat actors. Their names remain unknown.
It turns out that the hackers' collection of personal data is valuable enough to grant inside access to the worldwide organization's project management software.The fact that this entry point gives cyber-criminals access to crucial information on government and humanitarian initiatives throughout the world has alarmed analysts.
Gene Yoo (CEO of cyber-security firm Resecurity) told DailyMail.com that his business initially discovered the UN data leak in July after conducting a dark web monitoring operation.
The chief executive went on to affirm the generally held belief that institutions like the United Nations have become popular targets for fraudsters trying to earn a quick cash. The threat actors, according to Yoo, carried out the breach with the goal of compromising UN network users as part of a long-term cyber espionage plan.
UN confirms the cyber-attack
The United Nations has subsequently confirmed the cyber-attack, but claims that the attackers merely took screenshots.
Farhan Haq, a representative for the worldwide organization, denied that they initially learned of the attack via Resecurity. He went on to claim that they had already discovered a lot of breaches. According to Farhan, the UN's early discovery of the hack was followed by mitigating steps to ensure that the breach's damage was minimized.
The UN spokesman went on to create a picture of readiness on the UN's side, claiming that the organization's worldwide status has made it a popular target for long-term cyber-crime efforts.
Not the first breach
Attacks on institutions like the UN are likely to rise and become more targeted, according to a senior threat analyst at Recorded Future. The analyst, Allan Liska, linked the UN breach to nation-state actors who have been developing new ways to commercialize stolen data.
Looking back, Dutch and British authorities foiled a planned 2018 cyber-attack by Russian agents on the Organization. It is believed this was done due the Prohibition of Chemical Weapons. UNs closest partners got targeted.
Because of their investigations into the near-fatal March 2018 poisoning of a Russian double agent for British intelligence and his daughter in the UK, hackers became aware of the group.
Furthermore, data privacy activists put the UN on notice in 2019 after claims that it attempted to conceal evidence of a hacking attack targeted at the organization's IT systems in Europe. The move may have put personnel, other large facilities, and individuals in grave danger.
Then, in what was characterized as the biggest breach ever directed at the global organization, dozens of UN computers were hacked and a number of administrator credentials were hijacked.
It is clear, that cyber-attacks are on the rise, but not just for profit. Politically motivated cyberattacks are becoming more common too. It is important that all organizations, including ones run by governments should be highly secured.