In a report released by Untangle, a leading firewall / security vendor, the details of the recent United Nations Hack were detailed. Here is a summary of the report
“It has been recently revealed the United Nations was victim to a cyber attack starting in July 2019. Hackers gained access to and compromised 42 servers and 25 are still categorized as suspicious for three different domains: those of the United Nations offices in Geneva and Vienna and of the office of High Commissioner for Human Rights. It is estimated that hackers may have up to 400GB of staff records, health insurance, and commercial contact data.”
This attack has been classified as an APT (Advanced Persistent Threat) where the attackers gain access then setup a variety of ways to remain on the network while they collect the data they are after. This hack was due to a vulnerability stemming from not installing software updates in a timely manner. .The United nations found the threat then issues a notice to employees to reset their passwords in August of 2019. They did not inform personnel of the hack until January 2020.
These two factors, patching and training, should be addressed by every company to keep their data safe.
If your company needs help with patching or security training, then contact us for assistance.
As the security landscape becomes more mobile and complex, traditional security methods are no longer up to the task. Check out this infographic to learn why the holistic approach of Microsoft’s Identity-Driven Security was designed to handle the threats of today, and tomorrow.
Microsoft 365 E5 security covers a broad range of functions that work together to produce an easy-to-implement, effective, and cohesive system that is backed by continuous learning through ever expanding data.
This article explores the shared responsibility between cloud and app vendors and enterprises when it comes to the security of an enterprise’s cloud information. Who is responsible for what, and what can you do to ensure your name is kept out of the headlines?
As part of its plan to move toward becoming part of the FTSE 100, Keir Group PLC knew that it needed to overhaul its IT systems. Watch how Microsoft 365 E5 was able to meet their security needs while still providing an accessible and easy-to-use system for their largely remote workforce.