By Staff Writer.
Cyber-attackers have hacked the computer servers holding sensitive Red Cross and Red Crescent data on more than half a million highly vulnerable people.
On Wednesday, the Geneva-based International Committee of the Red Cross (ICRC) confirmed hackers had targeted an unnamed external company in Switzerland that ICRC contracts to store data.
Collected from some 60 Red Cross and Red Crescent Societies worldwide, the stolen data includes the confidential and personal information of 515,000 people in acute distress, including those in detention, missing, and forcibly separated.
“We are all appalled and perplexed that this humanitarian information would be targeted and compromised,” said the ICRC’s director-general, Robert Mardini. “This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk.”
The ICRC says they don’t know who carried out the attack but have confirmed to CNN that ransomware was not involved. The global NGO said it was working alongside specialised cybersecurity firms to investigate the hack.
While the ICRC says there are no signs the stolen data has been leaked or shared, Robert Mardini has publicly asked the hackers not to do so.
“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people and families behind the information you now have are among the world’s least powerful. Please do the right thing,” he said.
David Masson, Director of Enterprise Security at cybersecurity firm Darktrace, says the attack is proof no organisation is safe from cyber threats.
“Most cyber-criminals steal personal data to monetise the information, but what financial gain could possibly be derived from stealing the personal information of some of our world’s most vulnerable people?” he asks.
“This cyber-attack is an unfortunate and devastating example that no one and no organisation is immune to cyber harm.”
The ICRC is liaising with various frontline Red Cross and Red Crescent Societies to find ways to inform the individuals and families whose data may have been compromised and make sure those people remain safe. The ICRC says averting any potential risks these people face due to the information leaking is their most pressing concern.
“While reputational damage will be a concern for an organisation, it pales compared to the potential harm that may come to already highly fragile individuals and groups,” David Masson said.
In the immediate aftermath of the cyber-attack, the ICRC was forced to shut down the systems behind their Restoring Family Links program. Every day, the program helps reunite an average of 12 missing people separated from their families due to conflict, disaster or migration.
“Cyber-attacks like this jeopardise that essential work,” Mr Mardini noted, adding the ICRC was working on getting the program back up and running as soon as possible.
While still trying to establish the full potential fallout from the cyber-attack, the ICRC says it treats the attack extremely seriously and is working to safeguard data against any future cyber-attacks.