UN hacked via unpatched SharePoint server

Abstract

The UN suffered a major data breach last year after it failed to patch a Microsoft SharePoint server, it emerged this week. Then it failed to tell anyone, even though it produced a damning internal report.

The news emerged after an anonymous IT employee leaked the information to The New Humanitarian, which is a UN-founded publication that became independent in 2015 to report on the global aid community. According to the outlet, internal UN staffers announced the compromise on 30 August 2019, explaining that the “entire domain” was probably compromised by an attacker who was lurking on the UN’s networks.

A confidential report sent to the publication without permission by a UN IT official revealed that the cyberattack had started in mid-July last year. The hackers had compromised dozens of servers including those in its highly sensitive human rights operation, along with its human resources department.

Read more in

UN hacked via unpatched SharePoint server

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Cyber Security: Awareness is the key

"As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace”– Newton Lee

UN hacked via unpatched SharePoint server

Leave a Reply Cancel reply

Share this:

Related

Leave a Reply Cancel reply