According to the recent reports of cybersecurity researchers, threat actors broke into United Nation’s computer network and stole highly sensitive data. In addition to the reports, the breach has quickly taken place using stolen login credentials from a United Nations employee. The information about the attackers is still unidentified as of now.
The hackers were able to enter the computer network of UN through the Umoja account of an employee – an enterprise resource planning (ERP) system of United Nations executed last 2015. Umoja also means unity in Kiswahili. Theories have emerged because the login credentials came from a UN employee, saying that the username and password used in the breach had been bought through a dark web marketplace. Researchers added that high-value organizations such as the United Nations have been a target of cyber-espionage strategies. Also, the attackers performed the intrusion to exploit a massive number of users inside the network of the United Nations for collecting long-term information.
It was April 5th this year when hackers have initially accessed the system of the United Nations.
It has continued to take place until August 7th, wherein their networks were intruded. Nevertheless, it was unknown if the threat actors had managed to sabotage or damage the computer network of the UN due to a lack of concrete evidence. With this, it seems like the attackers are only targeting to collect substantial information from the UN’s system network and not sabotage them.
United Nations have worked alongside cybersecurity researchers and security teams upon learning the incident after being reported to them to ascertain the breach’s weight and impact. Even though the UN believes that the attack is likely to be a method of being surveyed due to being stolen nothing but screenshots, some researchers still say that there possibly was undetected data stolen from the incident.
After evidence of data, theft was delivered to the organization, United Nations have reportedly stopped its communication with security researchers. As stated by the spokesperson from the UN, corrective actions to solve the issue are now being implemented. They are also grateful for the company’s contributions for sharing details that helped them confirm the intrusion.