Leaked Report: The United Nations Was Hacked

Last year in July 2019 hackers invaded UN’s computer network in Geneva and Vienna in a spying operation that the UN was silent about at the time. Now an internal document has been leaked to New Humanitarian journalists and has also been seen by The Associated Press. 

Dozens of servers were hacked into including the UN Human Rights Office which collects data on human rights abuses by governments. 

Asked about the intrusion, one UN official told the Associated Press that this was a sophisticated  hack with the extent of damage unclear, especially in terms of personal, secret or compromising information that may have been stolen. A UN official, who spoke only on condition of anonymity to speak freely about the episode, said systems have since been reinforced. Given the high skill level, it is possible a state-backed actor was behind it, the official said. “It’s as if someone were walking in the sand, and swept up their tracks with a broom afterward,” the official added. “There’s not even a trace of a clean-up.”

The internal document from the UN Office of Information and Technology said 42 servers were “compromised” and another 25 were deemed “suspicious,” nearly all at the sprawling Geneva and Vienna offices. 

Three of the “compromised” servers belonged to the Human Rights agency, which is located across town from the main UN office in Geneva, and two were used by the UN Economic Commission for Europe. A senior official called the attack a ‘major meltdown’.

The report says a flaw in Microsoft’s SharePoint software was exploited by the hackers to infiltrate the networks. However what type of malware was used is not known, nor had technicians identified the command and control servers on the internet used to exfiltrate information. Nor was it known what mechanism was used by the hackers to maintain their presence on the infiltrated networks.

APNews:       New Humanitarian:

You Might Also Read:

United Nations  Investigating N Korean Cyber Attacks:

African Union HQ Building Bugged:

 

 

 

 

« Iowa Election App Vulnerable To Hackers
What Is The Fuss About 5G? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

Mondo

Mondo

Mondo is the largest national staffing agency specializing exclusively in high-end, niche IT, Tech, and Digital Marketing talent. Areas of expertise include Cybersecurity.

National Cybersecurity Institute (NCI) - Excelsior College

National Cybersecurity Institute (NCI) - Excelsior College

NCI is Excelsior College’s research center dedicated to assisting government, industry, military and academic sectors meet the challenges in cybersecurity policy, technology and education.

XLAB

XLAB

XLAB is an R&D company with a strong research background in the fields of distributed systems, cloud computing, security and dependability of systems.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Green Radar

Green Radar

Green Radar is a next generation cybersecurity company which combines technologies and services together to deliver Threat Detection for Emails and Deep Threat Analytics and Response.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

Whitaker Brothers

Whitaker Brothers

Whitaker Brothers data destruction equipment can be found in 115 countries and every single continent in the world, from major military organizations to small offices.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.

Scope AI

Scope AI

Scope AI is an innovative technology company specializing in quantum security and machine learning.