The UN acknowledges that cyberattacks are extremely sophisticated and cannot identify the culprit

The United Nations recently acknowledged that the organization was the target of a large-scale cyberattack in the summer of 2019. In particular, the attack is thought to be sponsored by a nation.

According to an investigation report, around July 2019, a group of hackers successfully exploited a flaw in the Microsoft SharePoint service and spread an unknown malware to gain access to dozens of servers. important at United Nations offices in Geneva and Vienna, as well as the Office of the United Nations High Commissioner for Human Rights (OHCHR). 'The attack has led to some of our core infrastructure components being successfully hacked by hackers. Because the exact nature and extent of the case could not be determined, we decided not to disclose the details of the case at the time, '' a UN spokesman said.

Jake Williams, a former white-hat hacker who worked for the US government, identified the attack as the color of a cyber-espionage operation. The reason is that the entire traces of the intrusion were neatly cleaned up by attackers, making UN security experts unable to determine where these hackers came from. how to calculate. More than 400GB of data from UN servers was stolen without leaving any traces behind, suggesting they are 'skilled' hackers and most likely funded by a certain government. .

The good news (unless you are an employee of the United Nations) is that the compromised servers mostly contain employee information. The UN then asked all its staff to reset their personal passwords, but declined to go into details.

This is not the first time the United Nations cover up information about the data breaches they encounter. In 2016, Panda Emissary, a hacker group connected to the Chinese government, gained unauthorized access to the International Civil Aviation Organization's servers. The United Nations only voiced its acknowledgment of the breach only after CBC reported it.