UN Offices in Geneva and Vienna Suffered Major Hacking Attack Last Year, Says New Research

• Hackers broke into dozens of UN servers in July 2019.
• A senior UN official labeled the incident as a ‘major meltdown,’ and estimated that some 400 GB of data was stolen during the incident.

A complex cyber attack at the United Nation offices in Geneva and Vienna last year apparently exposed several lists of user accounts. The incident, which was kept under wraps, has come to light after ‘The New Humanitarian’ released some major key findings.

Key findings

According to a confidential UN report obtained by ‘The New Humanitarian’, hackers broke into dozens of UN servers in July 2019.

• The affected servers included systems located at the UN Office of the High Commissioner for Human Rights (OHCHR) headquarters, the UN Office at Vienna, and the UN Office at Geneva. Some administrator accounts were also breached in the incident. These servers held a range of data including personal information about staff.
• The attack also affected staff records, health insurance, and commercial contract data.
• A senior UN official labeled the incident as a ‘major meltdown,’ and estimated that some 400 GB of data was stolen during the incident.
• Ten other infrastructure components including printing, antivirus, and the human resources system were also compromised during the attack. Other affected core infrastructure included user and password management, system control, and security firewalls.
• Although the exact reason for the attack is still unknown, it is believed that it occurred due to previously discovered vulnerabilities. UN officials had warned of major vulnerabilities years ago.

What has the UN done since the discovery?

The UN has taken multiple mitigation steps since the discovery of the attack.

• Multiple workshops and assessments have been conducted to validate the mitigation measures implemented earlier.
• Staff was asked to change their passwords without being informed about the breach or that some of their personal data may have been compromised.

Bottom line

UN spokesperson Stéphane Dujarric has classified the incident as ‘serious’. He has also stated that there is no evidence that the attack has affected UN organizations in other locations or any other agencies.