Server with personal information of above 500,000 people faced a complex Cyber security attack. That information is linked with data from Red Cross and Red Crescent Movement. This incident triggered the renowned organizations to re-check and test the security of their data.
The server containing various services and information that ICRC was working on to reconnect people separated by wars, violence, etc. was detected an anomaly. And when the deep investigation was conducted, it was found that hackers took over the system and can access the data. To reduce the damage and to ensure the security of accessed data ICRC was forced to shut the servers off. Further to estimate the loss and identify the loopholes in the system independent audit firm was hired. Still, the genuine and authentic information regarding the hosts of the attack has not been confirmed. No ransom has been demanded in exchange for data so even a random guess or illogical move would create a blunder. ICRC is willing to communicate directly and confidentially so the hackers would respect the humanitarian action and the principles of ICRC would be preserved.
Concerned ICRC officials along with Red Cross and Red Crescent societies are working to inform individuals and families whose data are breached or at risk and what might be done to preserve them are under discussion.
As there were hackers on the system, they had the capacity to copy or export the data. As per the updates, no traces of publicizing those data are found. The data and information like names, Locations contracts are breached. Also, the data related to missing people, separated children receiving from Red Cross & Red Crescent Movement has been breached. As there are no traces of data being public or on sale on any platforms and if found ICRC has dedicated teams for the immediate actions.
Cyber-attacks like this hinder the working of the Red Cross and Red Crescent Movement. The breach in cyber security has violated the safe digital humanitarian space. If misused, it could potentially be used by States, non-state groups, or individuals to contact or find people to cause harm. This hack undermines people’s privacy and safety in many ways. ICRC along with Red Cross and Red Crescent Movement ensured the security of data and information but the sophisticated Cyber-attacks are quite hard to counter though detected soon simply to shield those kinds of attacks are quite difficult but this attack alerted the loopholes and the retesting of servers, every node, software and so on is going on seriously so ICRC further requests every individual to believe in them and work side by side to restore the data and prevent such illegal activities.
Thank you Suwarna Pyakurel, +2-SOS HGS Sanothimi