Hackers have been gathering data from the United Nations‘ internal system since April, using an employee’s stolen login credentials that have been sold on the dark web for as little as $1,000.
The combination of username and password was sold by multiple Russian-speaking cybercriminals as late as July, but the identity of the hackers and their explicit purpose is still unknown.
The credentials offer access to the organization’s project management software Umoja. The entry point provides valuable insight into government and humanitarian work across the globe.
The UN, which is in constant contact with high-powered nations and companies, has been targeted by state-directed hackers before, but everyday cybercriminals are now going after large companies and organizations with the goal of selling access to highly coveted information.
Hackers gathered data from the United Nations through the organization’s project management software Umoja. Above, UN headquarters in New York City
A login was offered for as little as $1,000 by multiple Russian-speaking cybercriminals on the…