UN Investigators Are Targets For Cyber Attack

Uploaded on 2017-06-13 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

A group of unknown hackers are targeting United Nations experts investigating potential sanctions violations by North Korea.

According to a UN email, the hackers, who are said to have had “very detailed insight” into their targets, successfully infiltrated one expert’s computer.

The hackers used their knowledge to craft a “highly personalised message” to the sanctions investigator that included a malicious email attachment.

“The zip file was sent with a highly personalised message which shows the hackers have very detailed insight into the panel’s current investigations structure and working methods,” read the email, which was sent on May 8.

A subsequent email, sent by the secretary to the sanctions committee, also known as 1718, to Security Council members, also stated the UN Office of Information and Communications Technology was analyzing “the affected hard drive.”

“Increased vigilance relating to 1718 Committee-related correspondence is therefore advised until data analysis and related investigations are completed,” the email read.

North Korea’s deputy UN envoy responded to news of the hack, first announced Friday by a representative of the chair of the committee, by calling insinuations that Pyongyang was responsible “ridiculous.”

Numerous cyber-security analysts have also pointed fingers at North Korean-linked hackers, known as “Lazarus Group,” for the WannaCry ransomware outbreak that infected hundreds of thousands of computers across the globe.

“Our confidence is very high that this is the work of people associated with the Lazarus Group…” Vikram Thakur, security response technical director for US-based cybersecurity firm Symantec, said.

The UN Security Council has bolstered sanctions against North Korea as the country continues to advance its missile and nuclear weapons programs.

StoryLeak:

You Might Also Read:

Can the United Nations Improve Cybersecurity?:

North Korea's Unit 180 Managed WannaCry Attack:

US vs. North Korea Cyberwar Underway:

 

 

« China Postpones Implementing New Cybersecurity Law
Six Seconds To Hack A Credit Card »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ContentKeeper

ContentKeeper

ContentKeeper provides Web Threat Protection solutions to secure today’s Web 2.0 and mobile centric business environments.

BehavioSec

BehavioSec

BehavioSec uses the way your customers type, swipe, and hold their devices, and enables them to authenticate themselves through their own behavior patterns.

Physec

Physec

Physec offers innovative security products and solutions for the Internet of Things ecosystem.

Mnemonica

Mnemonica

Mnemonica specializes in providing data protection system, information security compliance solutions, cloud and managed services.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

Ultratec

Ultratec

Ultratec provide a range of data centric services and solutions including data recovery, data erasure, data destruction and full IT Asset Disposal (ITAD).

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Binalyze

Binalyze

Binalyze is the world's fastest and most comprehensive enterprise forensics solution. Our software helps you to collaborate and complete incident response investigations quickly.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.