The International Committee of the Red Cross has fallen victim to a cyber-attack
It has been reported that the International Committee of the Red Cross has recently suffered a cyber-attack, during which the data of more than 515,000 vulnerable people was accessed and seized. Some of the individuals affected recently fled conflicts. The ICRC confirmed the attack in a published statement: “A sophisticated cybersecurity attack against computer servers hosting information held by the International Committee of the Red Cross (ICRC) was detected this week. The attack compromised personal data and confidential information on more than 515,000 highly vulnerable people, including those separated from their families due to conflict, migration, and disaster, missing persons and their families, and people in detention.”
So far it is unknown who may be behind the attack. The hackers originally targeted an external company in Switzerland, which is contracted to store the ICRC’s data. Currently, there is no evidence that the sensitive data has been released to the public domain. The most pressing concern, however, is the potential risk that comes with this breach. Particularly, any confidential information being shared on the internet, as the data in question belongs to individuals whom the Red Cross and Red Crescent network seeks to protect.
Brian Higgins, security specialist at Comparitech commented: “Egregious attacks such as this are unfortunately becoming an occupational hazard for charity and relief organizations as the vital nature of the data they possess coupled with the extreme vulnerability of the individuals to whom it relates provides a highly attractive target for certain groups of cybercriminals. In the absence of any clear idea of motivation at this stage, the Red Cross is clearly doing everything they reasonably can to respond but I’m sure more information will soon come to light. It’s a sad yet sobering fact that network security is becoming more and more difficult as third party and supply chain organizations are vital elements of doing business in any sector, but it is almost impossible to implement consistent security protocols and defenses across an entire enterprise. Attackers will always find a weak link in the chain and exploit it. Now that this highly sensitive, humanitarian stolen data is in the wild one can only support the Red Cross Director-General in his call. Read more: https://bit.ly/3tJAy7l