An internal confidential report from the United Nations that was leaked to The New Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and Vienna.
One of the offices that were hit by a sophisticated cyber attack is the U.N. human rights office, the hackers were able to compromise active directory and access a staff list and details like e-mail addresses. According to the report, attackers did not access passwords.
“One U.N. official told the AP that the hack, which was first detected over the summer, appeared “sophisticated” and that the extent of the damage remains unclear, especially in terms of personal, secret or compromising information that may have been stolen.” reported the Associated Press, which has seen the report.
The level of sophistication of the attack and the specific nature of the target suggests the involvement of a nation-state actor.
“We were hacked,” declared U.N. human rights office spokesman Rupert Colville. “We face daily attempts to get into our computer systems. This time, they managed, but it did not get very far. Nothing confidential was compromised.”
The report states that at least 42 servers were “compromised,” three of them belonged to the Office of the High Commissioner for Human Rights. Experts suspect that another 25 servers located at the United Nations offices in Geneva and Vienna were also compromised.
“Technicians at the United Nations office in Geneva, the world body’s European hub, on at least two occasions worked through weekends in recent months to isolate the local U.N. data center from the Internet, re-write passwords and ensure the systems were clean.” continues AP News.
The U.N. confidential report speculates that attackers could have exploited a vulnerability in Microsoft Sharepoint.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – United Nations, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer…
Security researchers at Citizen Lab revealed that Paragon's Graphite spyware can hack fully updated iPhones…
Two vulnerabilities in SinoTrack GPS devices can allow remote vehicle control and location tracking by…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wazuh, and WebDAV flaws to its Known…
Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and…
INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…
This website uses cookies.
![](data:image/svg+xml;charset=utf-8,<svg height="244px" width="435px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)