NIST's guidance for a Zero Trust Architecture


Attackers use stolen credentials to intrude into the UN network


Threat actors leveraged the stolen credentials of a UN employee to gain access to Umoja, a proprietary project management software that’s used in the intergovernmental organization. After intrusion, the attackers stole data that is likely to enable them to go after other agencies within the UN.

“We can confirm that unknown attackers were able to breach parts of the UN infrastructure in April of 2021,” Stephane Dujarric, spokesman for the UN Secretary-General, told Bloomberg, which first reported the breach. Resecurity, the security firm that discovered the attack earlier this year, informed the UN that the absence of multi-factor authentication for the Umoja account made it easy for attackers to take it down and break into the network.

This breach highlights the fact that even high-profile organizations such as the UN that deal with sensitive information haven’t yet implemented stringent password protection measures. Researchers also found that the attackers had access to the UN network for at least four months after they first gained access on April 5. Evidence of lateral movement and intruder activity was recorded as recently as Aug 7, 2021, said the researchers.

While the intrusion could have been prevented if the UN’s IT security team had performed routine reviews of their password security practices, the lateral movement could have been impeded if they had ensured that users were given access to resources only on a least-privilege basis.

However, a one-time clean-up of existing poor password practices and excessive user privileges isn’t a permanent fix, as both are likely to accumulate with time. The permanent solution is adopting the Zero Trust security framework. ManageEngine has a webinar that unpacks the National Institute of Standards and Technology’s Zero Trust model and discusses how organizations can get started with Zero Trust implementation. You can watch it here.
