Current:Home > FinanceCyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people-InfoLens
Cyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people
View Date:2024-12-24 03:09:03
The International Committee of the Red Cross has revealed that hackers have stolen data on over 515,000 "highly vulnerable people," recipients of aid and services from at least 60 affiliates of the charitable organization worldwide.
During the investigation into the extent of the attack, which targeted a contractor in Switzerland that was storing the data, the Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies.
The biggest concern is that the hackers will ransom, leak or sell sensitive information on the families and their locations to bad actors who might seek to cause further harm to victims. The Red Cross says it typically reunites 12 missing people with their families every day, work that will be interrupted for fear of further danger.
The aid organization, known for its role in armed conflicts, on Wednesday pleaded directly with the hackers in a statement to keep the data confidential.
"The real people, the real families behind the information you have now are among the world's least powerful," said Robert Mardini, the ICRC's director-general. "Please do the right thing. Do not sell, leak, or otherwise use this data."
The Red Cross did not immediately attribute the attack to specific cybercriminals, terrorists or nation-state hackers, nor did it provide any information or speculation about potential motivation for the cyberattack on its contractor in Switzerland.
A spokesperson for the ICRC in Washington, D.C., Elizabeth Shaw, told NPR that "there have been no demands" from the hackers in exchange for stolen data, indicating that the breach was likely not a ransomware attack.
The Red Cross has partnered with "highly specialized firms" to help deal with what it's calling a "sophisticated" attack, Shaw said. "Our message is to underscore that real people, real families are behind the data and sharing, selling or using it has the potential to harm," she wrote in an email to NPR.
It's still unclear why the hackers accessed the information, particularly as they haven't communicated any demands. However, vulnerable people can make for ideal targets for other possible scams and extortion, while refugees can become political pawns in broader geopolitical conflicts. Aid organizations could be espionage targets as well. Both the United Nations and the State Department's Agency for International Development were breached in 2021.
The families themselves, already victims of conflict and suffering, will be separated from family members longer periods of time, now fearful that they could be vulnerable to having their personal information exposed. "This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk," Mardini said.
Chris Painter, the president of the Global Forum on Cyber Expertise and the former top cyber diplomat at the State Department, told NPR the breach "highlights the human cost to hacking," rather than simply the financial cost to most companies and organizations that are victims of cyberattacks.
Similar to other sectors, the humanitarian community has benefited from advanced technology to more easily store data and improve response time in crises. However, those organizations don't always have the resources for advanced cybersecurity.
Niel Harper, the chief information security officer for the U.N. Office for Project Services, and Daniel Dobrygowski, the head of governance and trust at the World Economic Forum, wrote a piece earlier this week on why humanitarian organizations need to invest in cybersecurity — and why more well-endowed funders as well as tech companies should shoulder some of the cost. "Donors must view cybersecurity as critical to aid operations," they wrote.
Cybersecurity experts called for an international response to the cyberattack against the Red Cross.
"Exposing data of vulnerable people in the Red Cross database should be urgently addressed by international community and the perpetrators should be brought to justice," wrote Heli Tiirmaa-Klaar, the director of the Digital Society Institute in Berlin in an email to NPR. She previously served as Estonia's ambassador-at-large for cyber diplomacy.
"This is another grim reminder that cyber risks have real world consequences, and should be dealt with utmost care and responsibility," she added.
veryGood! (515)
Related
- Burger King is giving away a million Whoppers for $1: Here's how to get one
- Picking a good health insurance plan can be confusing. Here's what to keep in mind
- White woman who fatally shot Black neighbor through front door arrested on manslaughter and other charges
- How Fatherhood Changed Everything for George Clooney
- Businesses at struggling corner where George Floyd was killed sue Minneapolis
- The fearless midwives of Pakistan: In the face of floods, they do not give up
- Botched Smart Meter Roll Outs Provoking Consumer Backlash
- Jay Inslee on Climate Change: Where the Candidate Stands
- It's Red Cup Day at Starbucks: Here's how to get your holiday cup and cash in on deals
- 15 Practical Mother's Day Gifts She'll Actually Use
Ranking
- NFL coaches diversity report 2024: Gains at head coach, setbacks at offensive coordinator
- Key Tool in EU Clean Energy Boom Will Only Work in U.S. in Local Contexts
- Shannen Doherty says breast cancer spread to her brain, expresses fear and turmoil
- Travelers coming to the U.S. from Uganda will face enhanced screening for Ebola
- We Can Tell You How to Get to Sesame Street—and Even More Secrets About the Beloved Show
- How Fatherhood Changed Everything for George Clooney
- The Ice Bucket Challenge wasn't just for social media. It helped fund a new ALS drug
- Coming out about my bipolar disorder has led to a new deep sense of community
Recommendation
-
Rachael Ray Details Getting Bashed Over Decision to Not Have Kids
-
See it in photos: Smoke from Canadian wildfires engulfs NYC in hazy blanket
-
When will the wildfire smoke clear? Here's what meteorologists say.
-
The Ice Bucket Challenge wasn't just for social media. It helped fund a new ALS drug
-
Georgia lawmaker proposes new gun safety policies after school shooting
-
Jana Kramer Details Her Surprising Coparenting Journey With Ex Mike Caussin
-
SoCal Gas Knew Aliso Canyon Wells Were Deteriorating a Year Before Leak
-
Rollercoasters, Snapchat and Remembering Anna NicoIe Smith: Inside Dannielynn Birkhead's Normal World