According to a report submitted by the Associated Press, hackers infiltrated the UN networks in Geneva and Vienna last year. The breach was kept under wraps by the top UN officals. Right now it is not known who the hackers were or how much data they obtained. This hack is one of the largest known breaches to have affected the United Nations.
The breach affected dozens of UN servers in three different locations. The UN Office at Geneva, the UN Office at Vienna, and the UN Office of High Commissioner for Human Rights (OHCHR) in Geneva. All these servers hold a wide range of data, including personal information about staff. The attack began in mid-July 2019 but was not noticed until a month later.
Ian Richards, president of the Staff Council at the UN told AP that “Staff at large, including me, were not informed. All we received was an email (on Sept. 26) informing us about infrastructure maintenance work.”
What is the damage?
An internal confidential document from the United Nations leaked to The New Humanitarian reports that four servers in Vienna, 33 servers in the UN Office at Geneva, and at least three at OHCHR in Geneva were compromised.
The leaked report says that logs that would have identified the hackers, for example, what was accessed and how, were cleared. This means that the hackers knew what they were doing and cleaned up after themselves. The report also says that some of the accounts accessed belonged to the domain administrators, who by default have access to all the user accounts.
A senior UN IT official said much more data was stolen than the UN implied. 400 GB of private data was downloaded and according to the official the UN is downplaying the severity of the breach. The user lists were important, and “once you’ve got privileged access, you’ve got into everything.”
The official also told AP that “given the sophistication of the attack, it’s possible a state-backed actor was responsible”. They added that “systems have since been reinforced.”
Read Also: Bluetooth Devices Vulnerable to Hacking
Do you think it was wrong of the United Nations to hide the hack from the public and its staff? Then, let us know your thoughts in the comments below! Continue to check out Maticstoday for the latest news items, product reviews, security practices, and video game discussions.