The UN has confirmed that its communications infrastructure received a cyberattack in April this year and is currently “responding” to others, after Bloomberg reported that hackers stole data that could affect agencies of the organization. “We can confirm that unknown attackers were able to violate parts of the United Nations infrastructure in April 2021,” spokesperson Stéphane Dujarric acknowledged in a statement, referring to the report and the cybersecurity firm Resecurity, which discovered the breach. of the system.
97% of the emails used by officials are unprotected against identity theft
“The United Nations is often the target of cyberattacks, including sustained campaigns. We can also confirm that more attacks have been detected and are being responded to that are linked to the previous breach,” he added. According to the Bloomberg article, which quotes Resecurity, the hackers accessed the United Nations infrastructure using an employee’s credentials that had been stolen and purchased on the “dark web”, and “collected information on the UN computer networks.”
The firm detected the cyberattack in April and found that the hackers were still active in August, but told the outlet that the UN stopped responding to it when it offered evidence that data had been stolen during the incident. “This attack had been detected before we were notified by the company cited in the Bloomberg article, and corrective actions had already been planned and were being implemented to mitigate the impact of the breach,” explained the UN spokesman.
“At that time, we thanked the company for sharing information related to the incident and confirmed the breach,” he added. Cybersecurity in critical infrastructures is a growing problem for the US authorities, where in recent months there have been cyberattacks in key sectors.
One of the most serious was the one suffered in May by Colonial, the country’s largest pipeline network, while that same month, JBS, the world’s largest meat processor, was a victim, and in July there was another offensive against Kaseya, a software company serving more than 40,000 organizations worldwide. The Joe Biden government, which has pointed to Russia as responsible for several of the attacks, recently asked private companies to “raise the bar” on cybersecurity.