Iran Press/ America: The statement came after multiple private cybersecurity experts warned that cybercriminal forums had in recent months been selling access to login credentials for software that the UN uses to manage internal projects. The software could provide valuable access to intruders looking to extort the UN or steal data, CNN reported.
"We can confirm that unknown attackers were able to breach parts of the United Nations infrastructure in April of 2021," UN Spokesperson Stephane Dujarric said in a statement, after an earlier report from Bloomberg News.
"We can also confirm that further attacks, that are linked to the earlier breach, have been detected and are being responded to," he added.
California-based cybersecurity firm Resecurity told CNN it contacted UN officials earlier this year after noticing the login credentials for sale on the dark web. Dujarric said the UN had taken steps to mitigate the impact of the breach before Resecurity contacted the multinational body, but declined to elaborate.
Alex Holden, the founder of Hold Security, another IT security firm, told CNN that in early April, his firm observed one prominent cybercriminal gang claiming access to the UN software.
The UN confirmed in January 2020 that unidentified hackers had targeted its offices in Geneva and Vienna with an 'apparently well resourced' cyberattack.
Other examples of breaches highlight what's at stake for international institutions trying to protect their sensitive communications.
Cybersecurity researchers in 2018 publicized a years-long alleged Chinese hacking operation to infiltrate European Union diplomatic cables. This April, the EU said it was investigating a separate IT security incident that affected multiple networks.
224
Read More:
Iran's envoy to UN calls Iran one cyber-attack victim
National Center for Cyberspace condemns Google's action in removing Iranian applications