More

    ICRC still clueless on data breach

    Civil societyHuman rightsICRC still clueless on data breach
    - Advertisment -

    ICRC still clueless on data breach

    ICRC’s “deep data drive” into the hacking of its servers does not seem to have yielded much, except the knowledge that hackers had been inside these systems and had access to the data on them.

    The International Committee of Red Cross is still searching for answers, 10 days since it determined that servers hosting personal information of more than 500,000 people receiving Red Cross services were compromised in a cyber-security attack.

    An ICRC cyber partner detected an anomaly on the servers that contained information relating to the Red Cross’ restoring family links (RFL) services. RFL provides a unique service, reconnecting people separated by war, violence, migration and other causes. Every day, Red Cross societies all over the world, with help from ICRC, reunite 12 people with their families, ICRC claims.

    But ICRC’s “deep data drive” does not seem to have yielded much, except the knowledge that hackers had been inside these systems and had access to the data on them. For a start, there is no clarity on when the data breach first happened for how long it had been going on. Reports say that the breach was “determined” on 18 January.

    - Advertisement -

    The breach included personal data such as names, locations, and contact information of more than 515,000 people from across the world. But so far, the ICRC only presumes that the data sets were copied and exported.

    “We must presume so. We know that the hackers were inside our systems and therefore had the capacity to copy and export it,” The organisation has said in a statement.

    No dark web clues; no ransom demands, yet

    As a global network, ICRC has access to various levels of hierarchies within entities that even the most powerful governments often fail to establish. Yet, its statement, now 10 days on since the attack happened, says, “We do not know who is behind this attack.”

    It says that the ICRC hasn’t so far had any contact with the hackers and that no ransom has been asked for. “In line with our standing practice to engage with any actor who can facilitate or impede our humanitarian work, we are willing to communicate directly and confidentially with whoever may be responsible for this operation to impress upon them the need to respect our humanitarian action,” the statement reads.

    On reports that the information had been put up for sale on the dark web, the statement says that the organisation has “a dedicated team who are following any reports we receive of data being available on the dark web.”

    ICRC says that it does not wish to speculate on any possible misuse of this data. ICRC says, “If misused or in the wrong hands, it could potentially be used by States, non-state groups, or individuals to contact or find people to cause harm.”

    Yet, going by the statement put out by the organisation’s headquarters in Geneva, the world’s largest humanitarian organisation could see this coming.

    As it says in its statement, “We have been long aware of the danger that our data could one day be the target of an attack.” It says that the organisation has “invested substantially in cyber security and work with trusted partners to maintain high standards of data protection and systems.”

    Strong brand

    People connected with the Red Cross in SouthAsia doubt that this event will have long-term impacts on ICRC’s work, especially because RFL is not ICRC’s most resource intensive work.

    “ICRC is a preferred organisation for humanitarian funding in situations of wars and conflicts by many governments,” says a senior official who has closely observed the working of the highly privileged Swiss private organisation. “It is a brand and this latest happening will not disturb its reputation very much,” he said.

    - Advertisement -

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Latest news

    Harnessing Tizu Zunki River: A Path to Economic Growth and Connectivity for Nagaland

    Sonowal announced plans to establish community jetties and explore the feasibility of Ro Pax ferries. These measures are expected...

    HLPF 2024: Protecting Civic Space Critical for SDGs Success

    Where civic space isn’t open, communities have significantly restricted and limited agency to pursue progress – the kind the...

    Court Decision Blocks Land Rights Initiative from 20 Years Ago, Sri Lankan President Reveals

    The government's efforts to address historical grievances and land rights remain a contentious issue, with ongoing debates on equitable...

    Ensuring Rural Health Services Key to Alleviating Poverty in Bangladesh, Health Minister Urges

    The health minister emphasized the importance of targeted healthcare investments, aiming to establish specialized medical facilities in every divisional...
    - Advertisement -

    AI Forecasting Deployed to Predict Nepal Landslides

    The AI-enhanced SAFE-RICCS system for predicting landslides has been rolled out in Nepal. The system analyses satellite images taken...

    Sri Lanka’s Prime Minister Affirms Commitment to Northern Peninsula Development

    Gunawardena engaged with Tamil political leaders at the Jaffna Divisional Secretariat Office, where he oversaw the distribution of rice...

    Must read

    Harnessing Tizu Zunki River: A Path to Economic Growth and Connectivity for Nagaland

    Sonowal announced plans to establish community jetties and explore...

    HLPF 2024: Protecting Civic Space Critical for SDGs Success

    Where civic space isn’t open, communities have significantly restricted...
    - Advertisement -

    More from the sectionRELATED
    Recommended to you