Feb 14, 2020 1:04:27 PM
.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Feb 14, 2020 1:04:27 PM
The target: The United Nations
The take: 400GB of data including: internal documents and emails, human resource records, database access, commercial information, and Active Directory access.
The attack vector: The threat actors used compromised 42 servers in total when they were able to exploit a known remote code vulnerability in Microsoft Sharepoint. This let the attackers move freely within all of the IT systems. A patch was released a few months prior to the breach, but the U.N’s IT department failed to deploy the patch when it was released, leaving a significant timeframe in which their systems were vulnerable.
This breach highlights the critical importance of maintaining an inventory of internal systems and software, and ensuring those systems are kept up-to-date. Security vulnerabilities can be exploited as soon as they’re identified, underlining the importance of adhering to a regular and frequent patching schedule.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy