The United Nations (UN) recently announced that it suffered a cyber-attack in April 2021. The hackers were able to access part of the UN’s infrastructure. According to UN spokesperson, Stéphane Dujarric, “further attacks have been detected and are being responded to, that is linked to the earlier breach.”[1]

The cyber criminals targeted the UN’s project management software by possibly purchasing employees’ login passwords over the dark web. Furthermore, the hackers may have had access to up to 4 months’ worth of data.[2] Resecurity Chief Executive Officer, Gene Yoo, said, “the actor conducted the intrusion with the goal of compromising large numbers of users within the UN network for further long-term intelligence gathering.”[3]

According to Allan Liska, a senior threat analyst at Recorded Future, “organizations like the United Nations have been targeted by nation state actors, but as cybercriminals are finding ways to more effectively monetize stolen data and as access to these organizations is more frequently available for sale by initial access brokers, we expect to see them increasingly targeted and infiltrated by cybercriminals.”[4]

The UK National Cyber Security Centre reported that between 2019 and 2020, cyberattacks increased by 62 percent worldwide.[5] As cyber threats increase, the importance of continuous monitoring and understanding your organization’s susceptibility to cyber-threats cannot be stressed enough.  At MDS, we have tools that provide our customers granular insights, pinpointing the exact vulnerabilities within an organization. By identifying your organization’s security weaknesses, MDS can provide effective solutions to mitigate your risks against nefarious actors.

[1] UN says cyber hackers breached systems earlier this year, The New Arab (Sept. 10, 2021).

[2] Turton, William and Mehrotra, Kartikay, UN Computer Networks Breach by Hackers Earlier This Year, Bloomberg (Sept. 9, 2021), https://www.bloomberg.com/news/articles/2021-09-09/united-nations-computers-breached-by-hackers-earlier-this-year.

[3] Id.

[4] Id.

[5] Id., at *1.

The material and information provided in Maureen Data Systems (“MDS”) Content are for general information only and should not, in any respect, be relied on as professional advice. The MDS Content shall be construed as author-based content and commentary. Accordingly, no warranties or other guarantees are offered as to the quality of the opinions, commentary or anything else appearing in such MDS Content. MDS expressly reserves the right to delete stories at its and their sole discretion.

Register for Maureen Data System’s 4th Annual Security Conference