Red Cross cyberattack sees data of thousands at-risk people stolen
Another supply chain attack with grave consequences
A supply chain attack has resulted in the data of more than half a million “highly vulnerable people” stolen from Red Cross systems.
A contractor for the Swiss-based International Committee of the Red Cross (ICRC) fell victim to a cyberattack recently, with unknown malicious actors making away with sensitive data on more than 515,000 individuals.
And not just any individuals - people who got separated from their families through conflict, migration, or natural disasters, missing persons and their families, as well as people in detention.
Mystery attack
Initial reports are saying that this was not a ransomware attack, but we don't know if any endpoints were infected with malware, or if a malicious actor compromised the network via a stolen identity.
The data that was stolen came from at least 60 Red Cross and Red Crescent “national societies”, comprising of information on staff, volunteers, first respondents, as well as those affected by various tragedies.
"As a first step, we will work with most concerned ICRC delegations and Red Cross and Red Crescent societies on the ground to find ways to inform individuals and families whose data may have been compromised, what measures are being taken to protect their data and the risks they may possibly face," Red Cross spokesperson Elizabeth Shaw told CNN.
Biggest breach ever
The Red Cross also said it employed a “highly specialized” cybersecurity firm in response.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Speaking to CNN, Lukasz Olejnik, a former cyber warfare adviser at Red Cross headquarters in Geneva, said chances are this is “the biggest and most sensitive breach in the history of ICRC”. Considering the sensitiveness of the data, it could also be the greatest breach “of all humanitarian organizations to date.”
Who would want to target such a cohort, and to what end, is anyone’s guess. Most ransomware operators, for example, have recently announced they would refrain from targeting government institutions, key infrastructure firms, and healthcare institutions, after a counter-offensive by multiple law enforcement agencies, militaries, and intelligence agencies around the world, which took down some of the largest players.
- You might also want to check out our list of the best firewalls right now
Via: CNN
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.