UN Investigators Are Targets For Cyber Attack

Uploaded on 2017-06-13 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

A group of unknown hackers are targeting United Nations experts investigating potential sanctions violations by North Korea.

According to a UN email, the hackers, who are said to have had “very detailed insight” into their targets, successfully infiltrated one expert’s computer.

The hackers used their knowledge to craft a “highly personalised message” to the sanctions investigator that included a malicious email attachment.

“The zip file was sent with a highly personalised message which shows the hackers have very detailed insight into the panel’s current investigations structure and working methods,” read the email, which was sent on May 8.

A subsequent email, sent by the secretary to the sanctions committee, also known as 1718, to Security Council members, also stated the UN Office of Information and Communications Technology was analyzing “the affected hard drive.”

“Increased vigilance relating to 1718 Committee-related correspondence is therefore advised until data analysis and related investigations are completed,” the email read.

North Korea’s deputy UN envoy responded to news of the hack, first announced Friday by a representative of the chair of the committee, by calling insinuations that Pyongyang was responsible “ridiculous.”

Numerous cyber-security analysts have also pointed fingers at North Korean-linked hackers, known as “Lazarus Group,” for the WannaCry ransomware outbreak that infected hundreds of thousands of computers across the globe.

“Our confidence is very high that this is the work of people associated with the Lazarus Group…” Vikram Thakur, security response technical director for US-based cybersecurity firm Symantec, said.

The UN Security Council has bolstered sanctions against North Korea as the country continues to advance its missile and nuclear weapons programs.

StoryLeak:

You Might Also Read:

Can the United Nations Improve Cybersecurity?:

North Korea's Unit 180 Managed WannaCry Attack:

US vs. North Korea Cyberwar Underway:

 

 

« China Postpones Implementing New Cybersecurity Law
Six Seconds To Hack A Credit Card »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Exploit Database (EDB)

Exploit Database (EDB)

The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers.

Armor

Armor

Armor provide managed cloud security solutions for public, private, hybrid or on-premise cloud environments.

Intruder

Intruder

Intruder is a cloud-based vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Information Security Forum (ISF)

Information Security Forum (ISF)

The ISF is a leading authority on information security and risk management.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

Assystem

Assystem

Assystem delivers a comprehensive security approach for the industrial and service sectors that integrates physical security systems, industrial cyber-security, functional safety and dependability.

Automox

Automox

Remediate vulnerabilities 30X faster than the industry norm – and dramatically reduce your risk with simple, fast, and cloud-native endpoint hardening from Automox.

Gradient Cyber

Gradient Cyber

Gradient Cyber offer mid-market organizations enterprise-grade threat detection and response services at a fraction of the cost of an in-house SOC.

Intelligent Technical Solutions (ITS)

Intelligent Technical Solutions (ITS)

We help businesses manage their technology. Intelligent Technical Solutions provide you with the right technical solution, so you can get back to running your business.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Fletch

Fletch

Fletch’s AI tracks the evolving cybersecurity threat landscape by reading and interpreting every threat article every day and matching those threats to a company’s exposure.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.

AdviserCyber

AdviserCyber

AdviserCyber provide Cybersecurity and Compliance Solutions for Registered Investment Advisers.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.