Cybersecurity firm Resecurity revealed that a group of hackers stole confidential data from the UN’s computer network. According to Bloomberg, the hackers who stole the credentials of a UN employee were able to access the system by using the username and passwords stolen from the employee’s account.
Logging in to the employee’s account was necessary to gain entry into the system. They used the employee’s Umoja account, which is the enterprise resource planning system that the UN has been using since in 2015.
The threat actor targeted the UN’s network to gather intelligence for long-term exploitation. After all, the data stolen from the UN is extremely important for every nation.
The researchers also revealed that hackers first accessed the systems of the United Nations in April 2021, and the attacks continued until August 7.
There was no evidence suggesting that the attackers were able to damage or sabotage the UN’s network. Instead, they were only focused on stealing sensitive information.
Resecurity also said it worked with the UN’s security team to determine the extent of the intrusion.
According to the UN, the hackers only took screenshots of the UN’s compromised network while stealing the data. While Resecurity researchers believe that they actually stole data in the incident.
The report by Bloomberg also confirmed that the UN suspended its communications with Resecurity after the latter confirmed and provided proof about the data theft.
A UN spokesperson Farhan Haq revealed that the organization has already taken immediate actions to remediate the uncomfortable incident. He also explained that cyber attackers often attack the UN to get their hands on confidential data.