Unidentified hackers breached computer systems at the United Nations in April and the multinational body has had to fend off related hacks in the months since, a UN spokesperson said Thursday.
The statement came after multiple private cybersecurity experts warned that cybercriminal forums had in recent months been selling access to login credentials for software that the UN uses to manage internal projects. The software could provide valuable access to intruders looking to extort the UN or steal data.
“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” UN spokesperson Stéphane Dujarric said in a statement, after an earlier report from Bloomberg News.
“We can also confirm that further attacks have been detected and are being responded to, that are linked to the earlier breach,” he added.
California-based cybersecurity firm Resecurity told CNN it contacted UN officials earlier this year after noticing the login credentials for sale on the dark web. Dujarric said the UN had taken steps to mitigate the impact of the breach before Resecurity contacted the multinational body, but declined to elaborate.
Alex Holden, founder of Hold Security, another IT security firm, told CNN that in early April, his firm observed one prominent cybercriminal gang claiming access to the UN software.
The UN confirmed in January 2020 that unidentified hackers had targeted its offices in Geneva and Vienna with an ‘apparently well resourced’ cyberattack” the previous year.
Other examples of breaches highlight what’s at stake for international institutions trying to protect their sensitive communications.
Cybersecurity researchers in 2018 publicized a years-long alleged Chinese hacking operation to infiltrate European Union diplomatic cables. This April, the EU said it was investigating a separate IT security incident that affected multiple networks.