400GB-data stolen from UN servers in July; organization remained mum
What's the story
The United Nations has confirmed to have been hacked in, what looks like, a state-sponsored espionage operation. According to a confidential internal document cited by The New Humanitarian and Associated Press, dozens of servers at the UN offices were infiltrated, leading to 400GB worth of confidential data being compromised. Here's all you need to know about it.
Attack
Last July, hackers exploited Microsoft SharePoint flaw
While the matter is just coming to the fore, the hack actually took place in July 2019 when an unauthorized party exploited a security vulnerability in Microsoft's SharePoint, using an unknown strain of malware. The breach gave them access to dozens of servers at the UN's Geneva and Vienna offices, as well as the Office of the United Nations High Commissioner for Human Rights.
Data
400GB of confidential data stolen
According to reports, after breaking in, the hackers stole 400GB worth of data from the servers in question. It is not exactly clear what kind of information they downloaded, but reports indicate that the servers contained sensitive data on UN's employees. For reference, the three offices hacked (one known for exposing human rights abuses) have more than 4,000 employees in total.
Official response
Full extent of the damage still not clear to UN
After the incident was reported, a UN spokesperson issued a statement saying that "the attack resulted in a compromise of core infrastructure components" but "the exact nature and scope of the incident could not be determined." An official familiar with the matter also reiterated the same, claiming that the full extent of personal, secret or confidential information stolen from the hack still remains unclear.
Information
This is also why the details were not publicly disclosed
As the full scope of the attack was not clear, the United Nations chose to keep the matter under wraps, a move being criticized by many people. The organization didn't even reveal anything to its own employees, except asking them to change their passwords.
Details
No word on the hackers
So far, there is no word on who carried out this attack. The UN official, who spoke to AP on the condition of anonymity, said that the hack appeared sophisticated and the attackers covered their tracks by deleting server entry logs. "There's not even a trace of a clean-up," the person said, adding that the skill level suggests that the attackers might be state-backed.
Information
Systems have been fixed now
The systems compromised in the hack have now been fixed and their security has been reinforced. However, the attack - second against the UN in recent years - raises questions over the cybersecurity practices followed by the organization and calls for closer scrutiny.