The United Nations announced that their computer networks were breached by hackers earlier this year. They managed to collect crucial data that could be used to target agencies within the intergovernmental organization reported by Bloomberg on Thursday, Sept 9, 2021

Additionally, it was announced that the method the attackers used to gain access to the UN’s network appears to be unsophisticated. The hackers seem to have purchased a stolen password and username of a UN employee sold on the dark web. 

Stéphane Dujarric, the spokesman for the UN Secretary-General, said in a statement on Thursday, Sept 9, 2021, “the United Nations is frequently targeted by cyberattacks, including sustained campaigns.” He added, “we can also confirm that further attacks have been detected and are being responded to, that are linked to the earlier breach.” 

Resecurity, the cyber security firm that discovered the breach stated that the hackers obtained credentials that belonged to an unprotected account on the UN’s proprietary project management software, called “Umoja.” Through that account, the hackers were able to gain more access to the UN’s network which led to more information being leaked.

Two thousand twenty-one marks a year where hackers have grown more confident and bolder. Earlier this year, “JBS SA, the world’s largest meat producer, was hit by a cyberattack this year that forced the shutdown of U.S. plants. Colonial Pipeline Co., the operator of the biggest U.S. gasoline pipeline, also was compromised by a so-called ransomware attack” (Bloomberg).

In summary, cyber security is a crucial tool that is available to address potential cyber-attacks. Organizations should implement policies and strategies customized to their business to protect their networks from future hackers. We at Euclid Security are dedicated to assisting firms to take the necessary steps to protect their networks. As your trusted cyber security service partner, we offer a vast range of services, including penetration testing and vulnerability scanning, a virtual CISO, and full-blown security and risk assessments to keep you on track. We will be glad to discuss your business needs with you so please do not hesitate to contact us.