Willie R. Tubbs, FISM News
Last week, the United Nations confirmed a Bloomberg News report that in April hackers, using credentials acquired on the dark web, had accessed the United Nations’ computer system.
“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” U.N. spokesperson Stéphane Dujarric said.
This breach was likely used as a means of gaining data that could be used for future attacks on the United Nations’ systems or those of other governments. According to Bloomberg’s report, the organization is still working to secure their servers as there has still been evidence of hacker activity inside their system as late as August.
“We can also confirm that further attacks have been detected and are being responded to, that are linked to the earlier breach,” Dujarric said in the same statement.
The credentials the hackers used to breach the U.N. system originated from Umoja, a system the United Nations developed as a means of streamlining its business and administrative processes. When stolen Umoja credentials became available on the dark web, the hackers pounced.
“Organizations like the U.N. are a high-value target for cyber espionage activity,” said Gene Yoo, CEO of Resecurity, the cybersecurity company that initially discovered the breach. “The actor conducted the intrusion with the goal of compromising large numbers of users within the U.N. network for further long-term intelligence gathering.”
The United Nations is often targeted by hackers and has employed a task force known as the Office of Information and Communications Technology since 2013 to protect its data.
However, this has not prevented particularly skilled, coordinated, and determined hackers from attacking the U.N.’s systems. As recently as 2019, at least 42 U.N. servers were compromised and some administrators’ accounts were breached in what at the time was labeled a “serious” attack.
Cyberattacks are becoming commonplace in the modern world, as are discoveries of sensitive, often troubling, information on the dark web. Last week, NBC News discovered that hackers were leaking American school children’s data on the dark web, this following high-profile hacks of T-Mobile and tech-management firm Kaseya in just the past two months.