In July the computer systems of the United Nations were targeted by a attack capable of bringing its protection systems to their knees by exploiting a vulnerability in Microsoft's SharePoint software. Access was thus obtained to the servers of the Geneva and Vienna offices, as well as to those of the OHCHR (High Commissioner for Human Rights) which together have approximately 4,000 employees.
UN: violation for 4,000 staff members
The origin of the operation is unknown, but it cannot be excluded that it may be coordinated by some groups close to hostile countries. No details even on the nature of the information stolen (about 400 GB) and for what purpose, probably espionage. For this reason theUN has decided not to talk about it to date, confirming what happened only following the report published by The New Humanitarian and Associated Press. These are the words attributed to a spokesman.
The attack resulted in compromise of important infrastructure components. Since the exact nature and purpose of the accident cannot be determined, we have decided not to publicly report the violation.
It is not the first time that crackers have targeted the institution. As far back as 2001, one of the official sites ended up in their sights, in 2013 they returned to talk about it in relation to the Datagate. In 2016 ayet another violation, to the detriment of the International Civil Aviation Organization (autonomous agency of the UN), signed by the group Emissary Panda believed to be close to the Chinese government. Even in that case the story was not made known in a timely manner.
Curiously, the United Nations leaders last week declared that they had imposed a ban on their staff to use WhatsApp because it was considered an insecure means of communication. A position made official following the explosion of the case that directly affected Amazon number one Jeff Bezos, involving Saudi prince Mohammed bin Salman.