UN Investigators Are Targets For Cyber Attack

Uploaded on 2017-06-13 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

A group of unknown hackers are targeting United Nations experts investigating potential sanctions violations by North Korea.

According to a UN email, the hackers, who are said to have had “very detailed insight” into their targets, successfully infiltrated one expert’s computer.

The hackers used their knowledge to craft a “highly personalised message” to the sanctions investigator that included a malicious email attachment.

“The zip file was sent with a highly personalised message which shows the hackers have very detailed insight into the panel’s current investigations structure and working methods,” read the email, which was sent on May 8.

A subsequent email, sent by the secretary to the sanctions committee, also known as 1718, to Security Council members, also stated the UN Office of Information and Communications Technology was analyzing “the affected hard drive.”

“Increased vigilance relating to 1718 Committee-related correspondence is therefore advised until data analysis and related investigations are completed,” the email read.

North Korea’s deputy UN envoy responded to news of the hack, first announced Friday by a representative of the chair of the committee, by calling insinuations that Pyongyang was responsible “ridiculous.”

Numerous cyber-security analysts have also pointed fingers at North Korean-linked hackers, known as “Lazarus Group,” for the WannaCry ransomware outbreak that infected hundreds of thousands of computers across the globe.

“Our confidence is very high that this is the work of people associated with the Lazarus Group…” Vikram Thakur, security response technical director for US-based cybersecurity firm Symantec, said.

The UN Security Council has bolstered sanctions against North Korea as the country continues to advance its missile and nuclear weapons programs.

StoryLeak:

You Might Also Read:

Can the United Nations Improve Cybersecurity?:

North Korea's Unit 180 Managed WannaCry Attack:

US vs. North Korea Cyberwar Underway:

 

 

« China Postpones Implementing New Cybersecurity Law
Six Seconds To Hack A Credit Card »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Veracity Industrial Networks

Veracity Industrial Networks

Veracity provides an innovative industrial network platform that improves the reliability, efficiency, and security of industrial networks and devices.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

Asset Guardian Solutions (AGSL)

Asset Guardian Solutions (AGSL)

Asset Guardian are dedicated to protecting the integrity of process control systems software that is used to control operations and production processes.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

TWC IT Solutions

TWC IT Solutions

Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to clients across 24 countries globally.

Future Planet Capital

Future Planet Capital

Future Planet is the impact-led, global venture capital firm built to invest in high growth potential companies from the world's top research centres.

CYDEF

CYDEF

CYDEF provides comprehensive, state-of-the-art cybersecurity protection that is accessible and affordable to organizations of any size.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

PolySwarm

PolySwarm

PolySwarm is a crowdsourced threat intelligence marketplace that provides a more effective way to detect, analyze and respond to the latest threats.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.

Vonahi Security

Vonahi Security

Vonahi Security is a cybersecurity SaaS company that pioneered automated network penetration testing.