
United Nations Data Breach - Another Day, Another Data Breach

By Gareth Kitson / 25th Sep 2018

It has been reported* that the United Nations (UN) is the latest victim of a data breach. In 2017, 2.3 billion user credentials were reportedly leaked by 51 companies, and that figure is expected to be exceeded by the data breaches of 2018.

When leaked usernames and passwords hit the web, they give cybercriminals the opportunity to perform Account Takeover (ATO) attacks by trying the same compromised username and password combinations against thousands of other websites, because most people still reuse passwords across multiple login forms.

What Happened at The UN Data Breach?

It is reported that several applications, including Google Docs, Jira and Trello, were misconfigured and as a result were publicly accessible, even via a simple Google search.

Security researcher Kushagra Parthak identified the vulnerability a month ago and notified the UN of his finding. Parthak found that some of the Trello boards contained hyperlinks to UN Google Docs and Jira pages. Within those Docs and Jira pages, usernames and passwords were stored in plain text, easy for anyone to read.
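The practical lesson of the finding above is that credentials in shared documents are only discovered when somebody looks for them. The following is an added example (not code from the original post, from Netacea or from the researcher) of a small scanner that flags plaintext credential material in document text and reports it redacted, so the report itself does not re-leak the value. The sample document, the patterns and the field names are all constructed for the illustration.

```python
import re

# Constructed sample of the kind of text a shared board, wiki or ticket might hold.
# Every host name, user name and secret here is made up for the example.
SAMPLE_DOC = """\
Project Atlas - onboarding notes
FTP server: ftp.example.org
username: atlas_deploy
password: Summer2018!
API token for staging: sk_live_example_0123456789abcdef
Meeting on Thursday, bring the slides.
db_url = postgres://app:S3cretPa55@db.internal:5432/atlas
"""

# Patterns for credential material that should never sit in a shared document.
# Each pattern captures the secret value in group 1.
PATTERNS = {
    # "password: xxx", "pwd=xxx", "Passwd : xxx"
    "password_assignment": re.compile(
        r"(?i)\b(?:password|passwd|pwd)\b\s*[:=]\s*(\S+)"),
    # "API token for staging: xxx", "api_key=xxx", "secret: xxx"
    "token_assignment": re.compile(
        r"(?i)\b(?:api[_ -]?token|api[_ -]?key|secret)\b[^:=\n]*[:=]\s*(\S+)"),
    # scheme://user:PASSWORD@host ... (credentials embedded in a connection URL)
    "url_embedded_credential": re.compile(
        r"\b[a-z][a-z0-9+.-]*://[^\s:/@]+:([^\s@/]+)@"),
}


def redact(secret: str) -> str:
    """Keep only a two-character prefix so a finding can be matched to its source
    without the report repeating the secret."""
    return secret[:2] + "*" * max(len(secret) - 2, 0)


def find_plaintext_credentials(text: str):
    """Return one finding per credential-looking value, with line number, the
    pattern that matched and the redacted value."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append({
                    "line": line_no,
                    "kind": kind,
                    "redacted": redact(match.group(1)),
                })
    return findings


if __name__ == "__main__":
    for finding in find_plaintext_credentials(SAMPLE_DOC):
        print(f"line {finding['line']:>3}  {finding['kind']:<24}  {finding['redacted']}")
```

Run against the sample document, the scanner reports three findings: the password on line 4, the API token on line 5 and the password embedded in the database URL on line 7. The same function can be pointed at exported board or wiki content as a routine check before anything is shared outside a team.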

These credentials, if obtained by cybercriminals, can be used not only to access UN systems and information but also to test against thousands of other websites to check whether an account exists with the same username/email address and password, and to perform account takeover attacks wherever access is granted.

The UN has since removed the sensitive information and spokesperson Florencia Soto Nino-Martinez stated:

“Some of the boards listed have communications materials which are not sensitive, while some have outdated information. However, we are reviewing all boards on the list to ensure that no passwords or credentials are shared through this medium. We take security very seriously and have reached out to all staff reminding them of the risks of using a third-party platform to share content and to take the necessary precautions to ensure no sensitive content is public.”

IT and information security professionals must stay several steps ahead of sophisticated cyber threats, but how do they protect against automated attacks that are proving able to bypass standard security controls? The answer: machine learning and behavioural analysis.

Using Machine Learning to Identify Bad Actors

At Netacea we use our machine learning algorithms to proactively identify bad actors through our behavioural analysis tools. Our approach is unlike traditional black-box solutions that rely on bypassable rule sets and rate limits. Instead, we baseline normal behaviour and measure how far traffic deviates from it, which exposes the abnormal methods used in even the most sophisticated ATO attacks.

Our bot mitigation and account takeover solutions were built from the ground up on a unique machine learning architecture, which adapts to your environment, pre-empts potential bad traffic, and secures critical conversion and login paths when they are deemed under threat or when abnormal behaviour is detected.
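To make the two ideas on this page concrete, namely the credential-reuse pattern described earlier (one leaked list tried against many accounts) and the behavioural baseline described just above, here is an added example that is not Netacea's code and does not claim to reproduce its product. It builds a baseline of failed logins per minute from a quiet learning window, scores later minutes by their deviation from that baseline in standard deviations, and separately flags any source that tries many distinct accounts with mostly failures in one minute, which is what replaying a leaked credential list looks like from the defender's side. The log format, IP addresses, user names and thresholds are all constructed assumptions for the illustration.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

# --- Constructed sample authentication log (not real traffic) -----------------
# Record format: "<minute> <source_ip> <username> <result>", one attempt per line.
# Minutes 0-9 are quiet: six attempts per minute from known users, one or two of
# them failing, which is ordinary typo noise and forms the baseline.
NORMAL_USERS = ["alice", "bob", "carol", "dave", "erin", "frank"]
NORMAL_IPS = ["10.0.0.5", "10.0.0.7", "10.0.0.9", "10.0.0.11", "10.0.0.13", "10.0.0.15"]
FAILURES_PER_MINUTE = [1, 2, 1, 1, 2, 1, 1, 1, 2, 1]


def build_sample_log() -> str:
    lines = []
    for minute, failures in enumerate(FAILURES_PER_MINUTE):
        for i, (user, ip) in enumerate(zip(NORMAL_USERS, NORMAL_IPS)):
            result = "fail" if i < failures else "ok"
            lines.append(f"{minute} {ip} {user} {result}")
    # Minute 10: a single source works through a leaked username list (one reused
    # password happens to be valid), on top of the usual background noise.
    leaked = ["alice", "bob", "carol", "dave", "erin", "frank", "grace", "heidi"]
    for user in leaked:
        result = "ok" if user == "grace" else "fail"
        lines.append(f"10 203.0.113.9 {user} {result}")
    lines.append("10 10.0.0.5 alice fail")
    lines.append("10 10.0.0.7 bob ok")
    # Minute 11: back to quiet.
    lines.append("11 10.0.0.9 carol fail")
    lines.append("11 10.0.0.11 dave ok")
    return "\n".join(lines)


def parse(log_text: str):
    records = []
    for line in log_text.splitlines():
        minute, ip, user, result = line.split()
        records.append({"minute": int(minute), "ip": ip, "user": user, "ok": result == "ok"})
    return records


def failures_per_minute(records, minutes):
    counts = Counter(r["minute"] for r in records if not r["ok"])
    return [counts.get(m, 0) for m in minutes]


def build_baseline(records, learn_minutes):
    """Mean and population standard deviation of failed logins per minute."""
    counts = failures_per_minute(records, learn_minutes)
    return mean(counts), pstdev(counts)


def z_score(value, mu, sigma):
    if sigma == 0:  # a perfectly flat baseline: any increase is unusual
        return float("inf") if value > mu else 0.0
    return (value - mu) / sigma


def stuffing_sources(records, minute, min_accounts=5, min_fail_ratio=0.8):
    """Sources that tried many distinct accounts with mostly failures in one minute."""
    per_ip = defaultdict(list)
    for r in records:
        if r["minute"] == minute:
            per_ip[r["ip"]].append(r)
    flagged = {}
    for ip, attempts in per_ip.items():
        accounts = {a["user"] for a in attempts}
        fails = sum(1 for a in attempts if not a["ok"])
        if len(accounts) >= min_accounts and fails / len(attempts) >= min_fail_ratio:
            flagged[ip] = {"accounts": len(accounts), "attempts": len(attempts), "failures": fails}
    return flagged


def evaluate(log_text, learn_minutes, eval_minutes, z_threshold=3.0):
    """Score each evaluated minute against the baseline and list suspect sources."""
    records = parse(log_text)
    mu, sigma = build_baseline(records, learn_minutes)
    report = {}
    for minute, fails in zip(eval_minutes, failures_per_minute(records, eval_minutes)):
        z = z_score(fails, mu, sigma)
        report[minute] = {
            "failures": fails,
            "z": z,
            "anomalous": z >= z_threshold,
            "stuffing_sources": stuffing_sources(records, minute),
        }
    return report


if __name__ == "__main__":
    for minute, row in evaluate(build_sample_log(), range(10), [10, 11]).items():
        print(f"minute {minute}: failures={row['failures']} z={row['z']:.1f} "
              f"anomalous={row['anomalous']} sources={row['stuffing_sources']}")
```

On the constructed log, minute 10 sits roughly fourteen standard deviations above the baseline and the single source 203.0.113.9 is flagged for touching eight accounts with seven failures, while minute 11 scores below the baseline mean and raises nothing. The two signals are deliberately independent: a volume spike with no concentrated source suggests a distributed attempt or a genuine outage, and a concentrated source at normal overall volume is the low-and-slow case that a rate limit alone tends to miss.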

Please do get in touch to learn more and one of our experts will be on hand to help you.

---------

*https://www.macobserver.com/news/united-nations-data-breach/
