UN investigates hack after greater than 100 credentials posted

The United Nations has said it could investigate an attack after a set of hackers posted greater than 100 email addresses and login details it claimed to have stolen from the organisation.

According to BBC News, a few of the emails seem to belong to members of the United Nations Development Programme (UNDP), a spokesperson for which said that an old server have been targeted.

Sausan Ghosheh said: “The UNDP found [the] compromised server and took it offline. The server goes back to 2007. There are not any active passwords listed for those accounts. Please note that UNDP.org was not compromised.”

Hacking group TeaMp0isoN claimed responsibility for the action, calling the UN "a senate for global corruption" and criticised its stance and action in Rwanda, Darfour, Israel and the previous Yugoslavia.

Its statement on Pastebin said: “The UN has become a beast that should be stopped or tamed! How far you will have come from the primary address by Thomas Jefferson where 'peace, commerce and honest friendship' were the Modis Operandi [sic] to at least one today where talk of 'eliminating 350,000 people a day' as outlined by Jacques Cousteau is a academic consideration.

“The UN is a fraud! The bureaucratic head of NATO used to legitimise the Barbarism of Capitalist elite! Conor Cruise said 'you can safely entice the UN within the comfortable certainty that it's going to allow you to down' - never has a truer sentence been spoken. United Nations, why didn't you are expecting us?”

This is then followed by the e-mail addresses, usernames and passwords. Graham Cluley, senior technology consultant at Sophos, suspected that the hackers were ready to profit from a vulnerability at the UNDP website to extract the info.

Jason Hart, MD of Cryptocard, said: “The UN is seen as an emblem for security and trust for plenty millions of folk everywhere. Hacking their systems is TeaMp0isoN's way of creating a tremendous statement to the surface world.

“The UN has said that the guidelines exposed is old data, but when you study the YouTube video released by the hackers on Monday, it shows account details and usernames in addition to personal email addresses.

“As we know, passwords cross personal and professional lives, so these people could well be compromised at work and at home. i'd bet my last pound that the majority of those individuals are still using an analogous password; therefore they're prone to attack.

“Time and time again this year we have seen hackers bypass front door attributable to outdated security approaches similar to static passwords. The consequences for the UN, and the folks whose details are currently being advertised on YouTube, are significant.”

Cluley said 'TeaMp0isoN' recently announced it was joining forces with Anonymous on an initiative dubbed ‘Operation Robin Hood', targeting banks and monetary institutions. It hit the headlines in the summertime when the official BlackBerry blog was defaced after its parent RIM said it will co-operate fully with the house Office and police following the London riots.