UN Data Breach: Expert Commentary on a High-Profile Attack

The United Nations (UN) recently confirmed suffering a data breach in April and facing multiple similar attacks in the months since.

Private cybersecurity company Resecurity contacted the UN earlier in the year upon discovering dark web chatter indicating UN credentials were up for sale. Hold Security also informed CNN that it had made similar observations in April. 

Worse, it seems hackers made use of these fraudulently obtained credentials, stealing a trove of data that could facilitate future attacks on departments in the UN. The data breach marks another high-profile cyber-attack this year, underlining the necessity of cybersecurity. 

UN Data Breach: Expert Commentary

Trevor Morgan

Trevor Morgan is Product Manager with comforte AG.

“The tactically simple but successful cyberattack on the United Nations’ computer networks, now being reported as an ongoing breach with activity occurring for months, accentuates two very clear points. First, that while the impression of hackers is usually of technical geniuses using brilliant attack methods and sophisticated tools to skirt defensive measures, the reality is far from it. A majority of incidents are due to preventable human error or simple methods of attack such as stolen credentials. Second, that cybersecurity isn’t just a personal issue that affects our individual PII and sensitive financial information (though these are key concerns too). It is a matter of national security and potentially affects every single one of us with the repercussions of attacks on national entities.

Quite simply, we can’t take cybersecurity and data protection seriously enough, at the personal level, at the organizational level, and at the national/international level.

For enterprises and other organizations, emphasizing a culture of data security from top-down (embraced by leaders and workers alike) goes a long way toward heading off human error and mistakes which could lead to stolen credentials and subsequent breaches. Also, expanding the toolkit of preventative data protection methods is an absolute necessity. Let’s face it—traditional protections just aren’t working, mostly because they focus on the borders around sensitive data and access through those borders. The solution is actually quite simple: protect the data itself! Data-centric methods such as tokenization and format-preserving encryption obfuscate sensitive data elements while retaining data format, making this approach ideal for organizations that want to work with protected data within their workflows without de-protecting that data.

No matter who gets hold of the data, it remains protected and cannot be leveraged. We should all be united in a commitment to a world-wide culture of better data security, bolstered by data-centric protection in case the worst-case scenario occurs and threat actors actually access highly sensitive information.”

Troy Gill

Troy Gill is Senior Manager of Threat Intelligence at Zix | AppRiver.   

“It’s likely that hackers got into UN systems easily enough – by just logging in. Stolen credentials are sold on the Dark Web all the time, and cyber-criminals jump at the chance to strike any vulnerable organization, let alone one with a global reach. 

Although the United Nations is a large organization, it could still benefit from educating its employees on the same security practices used by smaller firms to protect their passwords and personal information. Credential stuffing and password spraying techniques will continue to be inevitable, which is why employees must take simple precautions such as using password management or utilizing multi-factor authentication across their devices to protect their data.”

Javvad Malik

Javvad Malik is a Security Awareness Advocate of KnowBe4.

“Organizations of all sizes and verticals are continually targeted, so all should take care, in particular, government and other international groups need to be extra vigilant.

In many cases, relatively simple and known methods are used by criminals to break into organizations, be that taking advantage of weak passwords, unpatched software or social engineering. A culture of security is important to build so that beyond the right technologies, the right procedures and awareness amongst employees is present to lower the likelihood an attack will be successful.”

Thanks to the experts for their time and expertise on the UN data breach. For more, check out the Identity Management Buyer’s Guide.