Leaked report shows U.N. suffered hack
Sophisticated hackers infiltrated U.N. networks in Geneva and Vienna last year in an apparent espionage operation that top officials at the world body kept largely quiet. The hackers’ identity and the extent of the data they obtained are not known.
An internal confidential document from the United Nations, leaked to The
New Humanitarian and seen by The Associated Press, says dozens of servers were compromised including at the U.N. human-rights office, which collects sensitive data and has often been a lightning rod of criticism from autocratic governments for exposing rights abuses.
It appears knowledge of the breach was closely held, a strategy that information-security experts consider misguided because it only multiplies the risks of further data hemorrhaging.
“Staff at large, including me, were not informed,” said Geneva-based Ian Richards, president of the Staff Council at the United Nations. “All we received was an email [on Sept. 26] informing us about infrastructure maintenance work.” The council advocates for the welfare of employees of the world body.
Asked about the intrusion, one U.N. official told the AP it appeared “sophisticated” with the extent of damage unclear, especially in terms of personal, secret, or compromising information that might have been stolen. The official, who spoke only on condition of anonymity to speak freely about the episode, said systems have since been reinforced.
Given the high skill level, it is possible a state-backed actor was behind it, the official said. “It’s as if someone were walking in the sand, and swept up their tracks with a broom afterward,” the official added. “There’s not even a trace of a clean-up.”
The leaked Sept. 20 report says logs that would have betrayed the hackers’ activities inside the U.N. networks — what was accessed and what might have been siphoned out — were “cleared.” It also shows that among accounts known to have been accessed were those of domain administrators — who by default have master access to all user accounts in their purview.
“Sadly … still counting our casualties,” the report says.