No one is safe from cybercriminals, not even humanitarian non-government organizations like the International Committee of the Red Cross (ICRC).
The Geneva-based agency revealed that it suffered a massive cyberattack that compromised the sensitive data of over 515,000 “highly vulnerable” people. That includes individuals “separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.“
Red Cross Hack – What Happened
A cyberattack on the Red Cross has exposed the personal information of more than 515,000 victims. The attackers targeted a Swiss contractor that the ICRC works with to store data from at least 60 Red Cross and Red Crescent national societies.
That includes sensitive information like names, contact details, locations, as well as login credentials of over 2,000 agency employees and volunteers, Red Cross told TechCrunch.
The data is used to reunite missing people with their families. But the attack forced the ICRC to shut down its Restoring Family Links program.
So far, there aren’t any indications the information has been exposed or shared, but that could change in the future. Hackers could demand a ransom in exchange for the data, leak it, or sell it to third parties.
This prompted the agency to plead with the cybercriminals responsible. “The real people, the real families behind the information you now have are among the world’s least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data,” ICRC Director-General Robert Mardini said.
But based on previous attacks on human rights and disaster relief groups, his pleas may fall on deaf ears. Cybercriminals are usually money-motivated, and their attacks on the likes of the United Nations, the US Agency for International Development, and hospitals were for financial gains.
Red Cross Hackers Unkown
ICRC Washington spokesperson Elizabeth Shaw told NPR that the perpetrators haven’t made any demands yet in exchange for the stolen data. It could indicate that the agency suspects it is indeed a ransomware attack. She added that Red Cross is working with “highly specialized firms” to find a proper solution for this “sophisticated” assault.
Our message is to underscore that real people, real families are behind the data and sharing, selling or using it has the potential to harm.Elizabeth Shaw, ICRC spokesperson in Washington
Ewan Watson, another ICRC spokesman, said this is the biggest cyberattack the organization has ever witnessed.
Attack on Red Cross – Expert View
Cybersecurity experts have condemned the attack and weighed in on what could happen if the data is made public.
Malwarebytes lead analyst Chris Boyd said hackers could use the stolen information to scam the victims. He gave the example of the earthquake and Tsunami that hit Japan in 2011 when hackers created fake Red Cross websites, emails, and more.
Brooks Wallace, VP EMEA at Deep Instinct, was worried that other cyber gangs are now aware of vulnerabilities in Red Cross’s third-party data storage providers.
Niel Harper and Daniel Dobrygowski wrote an article urging humanitarian organizations to invest in cybersecurity. Harper is the chief information security officer for the UN Office for Project Services, while Dobrygowski is the head of governance and trust at the World Economic Forum.
They argued that tech companies and major funders should help cover some of the expenses for proper cyber protection. “Donors must view cybersecurity as critical to aid operations.”