The United Nations has admitted that malicious figures were able to breach its network earlier this year and steal data which could now be used for facilitating future attacks on the organization as well as on other agencies.
“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” Stéphane Dujarric, spokesman for the UN Secretary-General, said in a statement.
Dujarric added that the international body is a frequent target of cyberattacks, and also confirmed that it has been responding to other attacks linked to the earlier breach.
- These are the best endpoint protection tools
- Here's our choice of the best malware removal software on the market
- Check our list of the best firewall apps and services
Based on investigations carried out by the UN’s cybersecurity teams, the intruders made their way into the system on April 5, and there are indications that they were active inside the network at least till August 7.
Unsophisticated breach
Reporting on the development, Bloomberg believes that the intruders likely got in using the stolen login credentials of an UN employee purchased off the dark web.
“Initial access via credentials purchased from the dark web is now becoming standard modus operandi. So much so that we now have Initial Access Brokers (IABs) who specialize in just that and then sell off that access to other entities like ransomware affiliates or state sponsored groups,” Saumitra Das, CTO and cofounder, of security vendor Blue Hexagon tells TechRadar Pro.
Baber Amin, Chief Operating Officer, Veridium goes one step ahead and tells us that the UN breach is a good example of securing access using passwords alone.
“The best thing is to eliminate the use of passwords from as many systems as possible. If that is not possible, multi-factor authentication (MFA) should be implemented for all access,” suggests Amin.
- Protect your devices with these best antivirus software
Via Bloomberg
