The credentials belonged to an account on the U.N.’s proprietary project management software, called Umoja. From there, the hackers were able to gain deeper access to the U.N.’s network, according to cybersecurity firm Resecurity®, which discovered the breach. The earliest known date the hackers obtained access to the U.N.’s systems was April 5, and they were still active on the network as of Aug. 7.
“Organizations like the U.N. are a high-value target for cyber espionage activity,” Resecurity® Chief Executive Officer Gene Yoo said. “The actor conducted the intrusion with the goal of compromising large numbers of users within the U.N. network for further long-term intelligence gathering.”
The attack marks another high-profile intrusion in a year when hackers have grown more brazen. JBS SA, the world’s largest meat producer, was hit by a cyberattack this year that forced the shutdown of U.S. plants. Colonial Pipeline Co., operator of the biggest U.S. gasoline pipeline, also was compromised by a so-called ransomware attack. Unlike those hacks, whoever breached the U.N. didn’t damage any of its systems, but instead collected information about the U.N.’s computer networks.
Resecurity® informed the U.N. of its latest breach earlier this year and worked with organization’s security team to identify the scope of the attack. U.N. officials informed Resecurity® that the hack was limited to reconnaissance, and that the hackers had only taken screenshots while inside the network. When Resecurity®’s Yoo provided proof to the U.N. of stolen data, the U.N. stopped corresponding with the company, he said... Please continue the article at the source