The headquarters of the International Committee of the Red Cross (ICRC) in Geneva was the target of a cyberattack this week. The attack targeted the aid organization’s servers, where data and confidential information of more than 515,000 refugees and other vulnerable people were stored. The Dutch Red Cross is investigating whether data from the Dutch branch was also on the servers.
The Red Cross reveals the cyber attack in a press statement.
Top man: ‘Please don’t sell the stolen data’
The servers, which are managed by an external company in Switzerland, contained privacy-sensitive data of more than half a million people who are looking for relatives after they have been lost due to a disaster, conflict or detention. The information comes from at least 60 Red Cross Societies worldwide. The Red Cross is very concerned because of its size. “A cyberattack on data from people who are missing will only make the suffering for their relatives worse,” said Robert Mardini, head of the International Red Cross.
The director is stunned that humanitarian information is the target of a cyber attack. According to him, this cyber attack puts vulnerable people even further at risk. It is unknown who is responsible for the attack or why it took place. Mardini makes a moral appeal to the perpetrators not to sell the stolen data. “This action could cause even more pain and suffering to people who have already been through a lot. Please do the right thing. Do not share, sell or leak this data.”
The head of the International Red Cross says there is currently no indication that the stolen information on the servers has been leaked, shared or offered for sale. It is unclear when exactly the cyberattack took place. How the hackers managed to infiltrate the servers and whether ransom demands were made is also unknown.
Red Cross is forced to close the system behind family reunification
The IRCR runs ‘Restoring Family Links’ in collaboration with dozens of Red Cross associations worldwide. With this relief program, the organization tries to reunite families that have been separated by war or natural disasters. Thanks to the program, 12 missing people are reconnected with their families every day.
Due to the cyber attack, the Red Cross had to shut down the system behind this program. The aid organization says it is doing everything it can to find another way to continue the ‘Restoring Family Links program.
“Cyber attacks like this jeopardize this vital work,” Mardini said. “We, therefore, take this attack extremely seriously. We work closely with humanitarian partners around the world. With this, we hope to learn more about the scope of this attack soon so that we can take the appropriate measures so that we can properly protect the data in the future.”
‘Now is the time to take action’
After the outbreak of the corona pandemic, hackers attacked numerous hospitals, research labs and other healthcare facilities. The Red Cross was very concerned about this because access to patient data is essential in the fight against the coronavirus. In an open letter, the aid organization called on governments to work together and take action to protect the health sector from cyber-attacks.
“Hundreds of thousands of people worldwide have died from the virus and millions more have been infected. Medical care is more important than ever. This is certainly not the last crisis. Governments must shout loud and clear that cyberattacks against medical facilities are illegal and unacceptable,” the Red Cross wrote.
The open letter also stated the following. “We call on governments to join forces and work with civil society and the business community to respect and protect medical facilities and hold perpetrators accountable. But above all, governments must take action and stop cyberattacks on hospitals and healthcare facilities. Now is the time to take action.”
Update (January 26, 2022): The Red Cross has announced that at least 4,600 people who have turned to the Dutch branch for help in the past have become the victims of cyberattacks. Their names, dates of birth and country of origin were captured. Donors need not worry: their data has not been stolen by the attackers. The data breach has been reported to the Dutch Data Protection Authority.
The ICRC also says that it is a “targeted cyber attack against the organization”. So far, there has been no contact with the perpetrators and no ransom demands have been made. The International Committee of the Red Cross says it is willing to talk to the attackers to get the stolen data back. In the meantime, the organization is doing everything it can to get the systems that have been temporarily shut down again as soon as possible.
Catch up on more articles here
Follow us on Twitter here