
SharePoint vulnerability led to the hacking of 42 servers with 400 GB of United Nations data

A few months ago, an information security firm reported the hacking of the United Nations (UN) headquarters, an incident that jeopardized the integrity of thousands of personal records of its employees. Despite the seriousness of the incident, the organization decided to cover it up at the time.

Only now has the UN decided to publicly
disclose the incident, previously revealed by The New Humanitarian, which until
a couple of years ago was an official UN publication.

According to the information security report,
dozens of servers were affected by an attack deployed between June and
September 2019. Threat actors reportedly exploited multiple security bugs,
despite subsequent attempts to repel the attack. The likely cause of the
incident is the exploitation of a known vulnerability in SharePoint.

A security alert sent internally to UN system
administrators mentions: “We work under the assumption that the entire domain
has been compromised. So far, attackers have shown no signs of activity,
although we assume they have already gained persistence in our systems.”

The UN IT personnel began to refer to this
incident as “the great meltdown” after it was confirmed that the
attackers accessed staff records, collective contracts, and other confidential
details. In total, hackers compromised 40 servers, most of them based in
Geneva, which equates to about 400 GB of exposed data.

Although the incident compromised multiple
personal details, the organization’s IT team only recommended that affected users
reset their passwords, without informing them that their information was
available to hackers.

Information security specialists at the
International Institute of Cyber Security (IICS) mention that, in similar
cases, attacked companies must at least provide their employees or customers
with an identity fraud protection service and credit monitoring to reduce risk to
affected users. This is serious, as to date there are hundreds of employees of the
organization who are not even aware that their information is in the hands of
cybercriminals.

In addition, the information security incident
involves not only UN administrative staff; multiple senior officials
were also affected, including members of the office of the High Commissioner
for Human Rights. This is a serious situation, as many files handled by this
committee have to do with political activists fighting for human rights in
authoritarian settings, so it is vital to ensure that this information is not
exposed on the network.
