Categories: SecurityWorkspace

UN Was ‘Not Compromised’ In TeamPoison Hack

The United Nations Development Programme (UNDP) has confirmed that no sensitive information was compromised in a recent hack of its systems.

Hacker group, TeaMp0isoN, leaked almost 1,000 usernames, email addresses and passwords onto the Pastebin website.

Not just a trick

The list, which includes individuals from the United Nations Development Programme (UNDP), Organisation for Economic Co-operation and Development (OECD), UNICEF, World Health Organisation (WHO) and other groups, shows many users having either very basic passwords or none at all.

This, according to blog post by Graham Cluley, senior technology consultant at Sophos, would “Make many a system administrator groan and roll their eyes in exasperation.”

UNDP spokeswoman, Sausan Ghosheh, told the BBC that the hacked server, which goes back to 2007, contained old data and no active passwords.  “The UNDP found [the] compromised server and took it offline. Please note that was not compromised.”

Cryptocard MD, Jason Hart, disagrees, saying that this intrusion is far more significant. “The UN has said that the information exposed is old data, but if you look at the YouTube video released by the hackers on Monday it shows account details and usernames as well as personal email addresses. As we all know, passwords cross personal and professional lives, so these people could well be compromised at work and at home. I would bet my last pound that most of these people are still using the same password, therefore they are vulnerable to attack.”

“The UN is seen as a symbol for security and trust for many millions of people around the world,” adds Hart, and since these hackers want the world to notice them, “Hacking their systems is Teampoison’s way of making a big statement to the outside world.”

Expect us

“Time and time again this year we’ve seen hackers bypass the front door thanks to outdated security approaches such as static passwords. The implications for the UN, and the people’s details that are currently being advertised on YouTube, is significant,” warns Hart.

The hacker responsible for the attack, TriCk, taunted the UNDP, saying, “The question now is… how?… We will let the so called secutiy experts over at the UN figure that out. . . . Have a Nice Day….”

TeaMp0isoN recently announced that it would be joining forces with  Anonymous “to fight censorship in the name of OpCensorThis” and would participate in a new campaign dubbed “Operation Robin Hood”, aimed at global banks.

“It’s time we fight back,” said the group in its statement. “It’s time YOU take back your freedom. We are done asking politely. Banks, you have got the attention of the Hydra of the internet that has grown fangs of poison. The only question now, is do they expect us?”
Iris Cheerin

Recent Posts

UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

British competition regulator the CMA, begins phase one investigation of $7.3 billion merger between Inmarsat…

7 hours ago

Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…

8 hours ago

Google Seeks To Shame Apple Over RCS Refusal

Good luck convincing Tim. Google begins publicity campaign to pressure Aple into adopting the cross…

9 hours ago

Elon Musk Wants Staff Names Of Twitter’s Bot Counters

Fight with Twitter, sees Elon Musk's legal team requesting names of those employees who calculate…

11 hours ago

Former Twitter Executive Convicted Of Spying For Saudi Arabia

Spying scandal. Former Twitter executive found guilty in San Francisco courtroom of spying for Saudi…

15 hours ago

Meta Raises $10 Billion In Bond Offering

First ever bond offering sees Facebook parent Meta Platforms raise $10 billion, as it seeks…

16 hours ago