Security News > 2020 > January > UN hacked via unpatched SharePoint server

UN hacked via unpatched SharePoint server
2020-01-31 13:04

The UN suffered a major data breach last year after it failed to patch a Microsoft SharePoint server, it emerged this week.

According to the outlet, internal UN staffers announced the compromise on 30 August 2019, explaining that the "Entire domain" was probably compromised by an attacker who was lurking on the UN's networks.

Attempts to attack the UN IT infrastructure happen often.

The hackers targeted a total of 42 servers, compromising the Active Directory domains of UN offices in Geneva, Vienna, and at the Office of the High Commissioner for Human Rights, although an official told the AP that nothing at the latter location was compromised.

The attackers likely got in through an anti-corruption tracker at the UN Office of Drugs and Crime, reports said.


News URL

https://nakedsecurity.sophos.com/2020/01/31/un-hacked-via-unpatched-sharepoint-server/