A cyberattack on a Swiss contractor of the International Committee of the Red Cross (ICRC) led to a data breach impacting more than 515,000 people, the organization said on Wednesday in a press release. The stolen data belongs to a vulnerable group of people enrolled in the Restoring Family Links initiative aimed at families separated due to disasters, war, or migration.
Although the nature of the cyberattack is still unknown, the ICRC said that it temporarily suspended the Restoring Family Links program since the data included personal and confidential information.
“Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering,” said Robert Mardini, ICRC’s director-general, pleading with the unknown threat actors. “Please do the right thing. Do not share, sell, leak or otherwise use this data.”
Humanitarian and health organizations get targeted by hackers due to their strategic importance, the highly vulnerable data that they work with, and because these types of incidents gain a significant amount of media attention.
For example, since 2020, cybercriminals have been using the fear and uncertainty surrounding the COVID-19 pandemic to exploit it to its fullest by launching attacks against people and organizations. There have been phishing attacks disguised as ”Free PCR test against Omicron”, United Nations COVID-19 compensation email scams, and a cyberattack targeting the Brazilian Ministry of Health that stole COVID-19 vaccination data.
In September, the United Nations was breached by hackers and employee credentials were sold on the dark web. Additionally, in May, a hacker group called Nobelium cracked the email systems of the US State Department’s Agency for International Development (USAID) and sent infected messages to 3,000 accounts in 150 different organizations between 24 countries.
It’s not clear yet if the attack against the ICRC is financially or politically motivated. The organization is a vocal advocate of applying International Humanitarian Law (IHL) in order to outlaw cyberattacks against civilians during conflicts. If the stolen personal information fell into the hands of a state actor, however, it could be used to identify and persecute civilians belonging to specific groups.
“Every day, the Red Cross Red Crescent Movement helps reunite on average 12 missing people with their families. That’s a dozen joyful family reunifications every day. Cyber-attacks like this jeopardize that essential work,” Mardini said. “We are taking this breach extremely seriously. We are working closely with our humanitarian partners worldwide to understand the scope of the attack and take the appropriate measures to safeguard our data in the future.”