Attackers use stolen credentials to intrude into the UN network

Threat actors leveraged the stolen credentials of a UN employee to gain access to Umoja, a proprietary project management software that’s used in the intergovernmental organization. After intrusion, the attackers stole data that is likely to enable them to go after other agencies within the UN.

“We can confirm that unknown attackers were able to breach parts of the UN infrastructure in April of 2021,” Stephane Dujarric, spokesman for the UN Secretary-General, told Bloomberg, which first reported the breach. Resecurity, the security firm that discovered the attack earlier this year, informed the UN that the absence of multi-factor authentication for the Umoja account made it easy for attackers to take it down and break into the network.

This breach highlights the fact that even high-profile organizations such as the UN that deal with sensitive information haven’t yet implemented stringent password protection measures. Researchers also found that the attackers had access to the UN network for at least four months after they first gained access on April 5. Evidence of lateral movement and intruder activity was recorded as recently as Aug 7, 2021, said the researchers.

While the intrusion could have been prevented if the UN’s IT security team had performed routine reviews of their password security practices, the lateral movement could have been impeded if they had ensured that users were given access to resources only based on a least-privilege model.

However, a one-time clean-up of existing poor password practices and excessive user privileges isn’t a permanent fix, as both are likely to accumulate with time. The permanent solution is adopting the Zero Trust security framework. ManageEngine has a webinar that unpacks the National Institute of Standards and Technology’s Zero Trust model and discusses how organizations can get started with Zero Trust implementation. You can watch it here.
