Hackers infiltrated U.N. offices in Europe, leaked report says

networks — what was accessed and what may have been siphoned out — were “cleared.”

Cybersecurity

Twitter says hackers targeted 130 accounts in Bitcoin scam

High-profile Twitter accounts hacked in Bitcoin scam

U.S., U.K. “We were hacked,” U.N. government hacker, said the fact that the hackers cleared the network logs indicates they were not top flight.The most skilled hackers — including U.S., Russian and Chinese agents — can cover their tracks by editing those logs instead of wiping them clean. Three of the “compromised” servers belonged to the human rights agency, which is located across town from the main U.N. data center from the internet, re-write passwords and ensure the systems were clean.Twenty machines had to be rebuilt, the report said. “The intrusion definitely looks like espionage,” said Williams, noting that the active directory component — where all users’ permissions are managed — from three different domains were compromised: those of United Nations offices in Geneva and Vienna and of the Office of the High Commissioner for Human Rights.”This, coupled with the relatively small number of infected machines, is highly suggestive of espionage,” he said after viewing the report. Asked about the report, one U.N. “The attackers have a goal in mind and are deploying malware to machines that they believe serve some purpose for them.”Any number of intelligence agencies from around the globe are likely interested in infiltrating the U.N., said Williams. offices in Geneva and Vienna last year in an apparent espionage operation, and their identity and the extent of the data they obtained is not clear. An internal confidential document from the United Nations, leaked to The New Humanitarian and seen by the Associated Press, said dozens of servers were compromised including at the U.N. The U.N. Nothing confidential was compromised.”Colville’s statement appeared to contradict the leaked September report, however. Headquarters on Wednesday: “This particular attack… Hackers infiltrated U.N. human rights office, which collects sensitive data and has often been a lightning rod of criticism from autocratic governments for exposing rights abuses. Office of Information and Technology said 42 servers were “compromised” and another 25 were deemed “suspicious,” nearly all at the sprawling Geneva and Vienna offices. High Commissioner for Human Rights, Michelle Bachelet, and her predecessors have called out, denounced and criticized alleged war crimes, crimes against humanity and less severe rights violations and abuses in places as diverse as Syria and Saudi Arabia.Dozens of independent human rights experts who work with the U.N. office in Geneva, and two were used by the U.N. Office of Drugs and Crime.The report mentions a range of IP addresses in Romania that may have been used to stage the infiltration, and Williams said one has some neighbors with a history of hosting malware. This time, they managed, but it did not get very far. told CBS News that the hackers did not make their way into the world body’s New York headquarters, CBS News’ Pamela Falk reports. The official, who spoke only on condition of anonymity to speak freely about the episode, said systems have since been reinforced.The skill level was so high it was possible a state-backed actor might have been behind it, the official said. “Nevertheless the threat of future attacks continues, and the United Nations Secretariat detects and responds to multiple attacks of various level of sophistication on a daily basis.”Dujarric told reporters at U.N. “Or should they start putting their information elsewhere?”
First published on January 29, 2020 / 3:06 PM as well as for individuals and businesses. offices in Europe, leaked report says

Updated on: January 29, 2020 / 5:15 PM
/ CBS/AP

Sophisticated hackers infiltrated U.N. Technicians at the United Nations office in Geneva, the world body’s European hub, on at least two occasions worked through weekends in recent months to isolate the local U.N. Economic Commission for Europe.The report said a flaw in Microsoft’s SharePoint software was exploited by the hackers to infiltrate the networks but that the type of malware used was not known nor had technicians identified the command and control servers on the internet used to exfiltrate information. official told the AP that the hack appeared “sophisticated” and that the extent of the damage remained unclear, especially in terms of personal, secret or compromising information that may have been stolen. An official in New York told CBS News that the U.N. spokesman Stephane Dujarric said the attack “resulted in a compromise of core infrastructure components” and was “determined to be serious.”

The earliest detected activity related to the intrusion occurred in July and it was detected in August, Dujarric said in response to emailed questions. government to investigate a suspected Saudi hack that may have siphoned data from the personal smartphone of Jeff Bezos, the Amazon founder and owner of The Washington Post, in 2018. “We face daily attempts to get into our computer systems. IT infrastructure happen often but it was, from all accounts, a well‑resourced attack.” The internal document from the U.N. “How much should U.N. human rights experts asked the U.S. “There’s not even a trace of a cleanup.”

Get Breaking News Delivered to Your Inbox

Sources within the U.N. is providing them?” Richards asked. and Canada say Russian hackers are targeting COVID vaccine research

Trump, Biden campaigns briefed on unsuccessful cyber hack attempts

NSA warns of new “Sandworm” cyberattacks by Russia-backed hackers

More in Cybersecurity

It also shows that among accounts known to have been accessed were those of domain administrators — who by default have master access to all user accounts in their purview. staff trust the information infrastructure the U.N. It said logs that would have betrayed the hackers’ activities inside the U.N. Security researcher Matt Suiche, a French entrepreneur based in Dubai who founded the cybersecurity firm Comae Technologies, reviewed the report and said it appeared entry was gained through an anti-corruption tracker at the U.N. is constantly fighting off hackers: “Who doesn’t want to hack us, it’s the U.N.”There were conflicting accounts, however, about the severity of the incursion. On Tuesday, the New York Times’ bureau chief in Beirut, Ben Hubbard, said technology researchers suspected an attempted intrusion into his phone around the same time. U.N. The hack comes amid rising concerns about computer or mobile phone vulnerabilities, both for large organizations like governments and the U.N. “It’s as if someone were walking in the sand, and swept up their tracks with a broom afterward,” the official said. is not a landmark event, attempts to attack the U.N. Saudi Arabia accused of hacking Bezos

02:39

The United Nations, and its human rights office, is particularly sensitive and could be a tempting target. Jake Williams, CEO of the cybersecurity firm Rendition Infosec and a former U.S. He said the world body does not have enough information to determine who might have been behind the incursion, but added “the methods and tools used in the attack indicate a high level of resource, capability and determination.”The damage related to this specific attack has been contained, and additional mitigation measures implemented,” Dujarric wrote. human rights office have greater leeway — and fewer political and financial ties to the governments that fund the United Nations and make up its membership — to denounce alleged rights abuses. Ian Richards, president of the Staff Council at the United Nations, said, “There’s a lot of our data that could have been hacked, and we don’t know what that data could be.”That includes, for example, staff in the office of the special envoy for Syria carrying out sensitive investigations and human rights staffers interviewing witnesses. human rights office spokesman Rupert Colville said. Last week, U.N.