The United Nations (UN) on Thursday confirmed that it was the victim of a cyberattack earlier this year and that attacks related to the original breach were ongoing.
The announcement was made in response to a report from Bloomberg News Thursday that hackers had breached the UN in early April and had stolen data through the use of login credentials from a UN employee that were bought from the dark web.
“We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021,” Stéphane Dujarric, spokesman for the UN Secretary-General, said in a statement.
Bloomberg cited findings from cybersecurity company Resecurity in reporting the breach. The firm found that the hackers were still active on UN networks as recently as early August.
According to Bloomberg, Resecurity notified the UN of the attack earlier this year, but the UN stopped responding to Resecurity when the company provided evidence that data had been stolen as part of the incident.
“This attack had been detected before we were notified by the company cited in the Bloomberg article, and corrective actions to mitigate the impact of the breach had already been planned and were being implemented,” Dujarric said Thursday. “At that time, we thanked the company for sharing information related to the incident and confirmed the breach to them.”
While the UN is taking steps to respond to the cybersecurity incident, Dujarric noted that the crisis is not over.
“The United Nations is frequently targeted by cyberattacks, including sustained campaigns,” Dujarric said. “We can also confirm that further attacks have been detected and are being responded to, that are linked to the earlier breach.
This is not the first time the UN has fallen victim to a cyberattack.
The New Humanitarian obtained documents in early 2020 that found evidence that hackers had compromised dozens of UN servers in 2019 at offices in Geneva and Vienna, including systems at the UN’s human rights office, and that employees were not informed.
The new breach occurred amid mounting major cybersecurity incidents over the past year, including the SolarWinds hack, which allowed Russian-government linked hackers to compromise nine U.S federal agencies and around 100 private groups for most of last year.
Ransomware attacks have also become an increasing headache, with attacks on Colonial Pipeline and meat producer JBS USA among those that took place in the month after the UN was first attacked this year.