We use cookies to provide some features and experiences in QOSHE

More information  .  Close
Aa Aa Aa
- A +

United Nations (UN) Breached

4 0 1

In the spring and summer of 2021, hackers stealthily entered the United Nation’s (UN) proprietary project management software, Umoja, accessing the network and stealing critical data to be used in further attacks. “The stolen data from the UN’s network could be used to target agencies within the UN, and already potentially has” according to Stéphane Dujarric, spokesperson for the UN Secretary-General and detailed in this report.

It’s not the UN’s first breach, in January 2020, the operators behind the notorious Emotet malware took aim at the UN through a phishing campaign with the intent of stealing credentials and deliver the TrickBot trojan. That breach ultimately was traced to a Microsoft SharePoint flaw which resulted in 400 GB worth of sensitive data being stolen.

The stolen credentials in the latest attack belonged to an account on the UN’s exclusive project management software, Umoja. The user of the account had not enabled Two-Factor Authentication (2FA), the gold standard for authentication, allowing hackers to use their credentials to access the software and move deeper into the network.

Hackers will sometimes ‘Brute........

© Business 2 Community

Get it on Google Play