Current:Home > FinanceCyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people-InfoLens
Cyberattack on Red Cross compromised sensitive data on over 515,000 vulnerable people
View Date:2024-12-23 14:51:59
The International Committee of the Red Cross has revealed that hackers have stolen data on over 515,000 "highly vulnerable people," recipients of aid and services from at least 60 affiliates of the charitable organization worldwide.
During the investigation into the extent of the attack, which targeted a contractor in Switzerland that was storing the data, the Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies.
The biggest concern is that the hackers will ransom, leak or sell sensitive information on the families and their locations to bad actors who might seek to cause further harm to victims. The Red Cross says it typically reunites 12 missing people with their families every day, work that will be interrupted for fear of further danger.
The aid organization, known for its role in armed conflicts, on Wednesday pleaded directly with the hackers in a statement to keep the data confidential.
"The real people, the real families behind the information you have now are among the world's least powerful," said Robert Mardini, the ICRC's director-general. "Please do the right thing. Do not sell, leak, or otherwise use this data."
The Red Cross did not immediately attribute the attack to specific cybercriminals, terrorists or nation-state hackers, nor did it provide any information or speculation about potential motivation for the cyberattack on its contractor in Switzerland.
A spokesperson for the ICRC in Washington, D.C., Elizabeth Shaw, told NPR that "there have been no demands" from the hackers in exchange for stolen data, indicating that the breach was likely not a ransomware attack.
The Red Cross has partnered with "highly specialized firms" to help deal with what it's calling a "sophisticated" attack, Shaw said. "Our message is to underscore that real people, real families are behind the data and sharing, selling or using it has the potential to harm," she wrote in an email to NPR.
It's still unclear why the hackers accessed the information, particularly as they haven't communicated any demands. However, vulnerable people can make for ideal targets for other possible scams and extortion, while refugees can become political pawns in broader geopolitical conflicts. Aid organizations could be espionage targets as well. Both the United Nations and the State Department's Agency for International Development were breached in 2021.
The families themselves, already victims of conflict and suffering, will be separated from family members longer periods of time, now fearful that they could be vulnerable to having their personal information exposed. "This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk," Mardini said.
Chris Painter, the president of the Global Forum on Cyber Expertise and the former top cyber diplomat at the State Department, told NPR the breach "highlights the human cost to hacking," rather than simply the financial cost to most companies and organizations that are victims of cyberattacks.
Similar to other sectors, the humanitarian community has benefited from advanced technology to more easily store data and improve response time in crises. However, those organizations don't always have the resources for advanced cybersecurity.
Niel Harper, the chief information security officer for the U.N. Office for Project Services, and Daniel Dobrygowski, the head of governance and trust at the World Economic Forum, wrote a piece earlier this week on why humanitarian organizations need to invest in cybersecurity — and why more well-endowed funders as well as tech companies should shoulder some of the cost. "Donors must view cybersecurity as critical to aid operations," they wrote.
Cybersecurity experts called for an international response to the cyberattack against the Red Cross.
"Exposing data of vulnerable people in the Red Cross database should be urgently addressed by international community and the perpetrators should be brought to justice," wrote Heli Tiirmaa-Klaar, the director of the Digital Society Institute in Berlin in an email to NPR. She previously served as Estonia's ambassador-at-large for cyber diplomacy.
"This is another grim reminder that cyber risks have real world consequences, and should be dealt with utmost care and responsibility," she added.
veryGood! (2)
Related
- Prosecutors say some erroneous evidence was given jurors at ex-Sen. Bob Menendez’s bribery trial
- Pair of giant pandas from China acclimating to new home at San Diego Zoo
- The Daily Money: Good tidings for home buyers
- Beyoncé Cécred scholarship winner says she 'was shocked' to receive grant
- 2 more escaped monkeys recaptured and enjoying peanut butter and jelly sandwiches in South Carolina
- Real Housewives of New Jersey's Gia Giudice Says This $6.99 Beauty Hack Is a Lifesaver for Travel
- In closing, prosecutor says Sen. Bob Menendez’s behavior in response to bribes was ‘wildly abnormal’
- Spain vs. France: What to know, how to watch UEFA Euro 2024 semifinal
- Where you retire could affect your tax bill. Here's how.
- Iran detains an outspoken lawyer who criticized 2022 crackdown following Mahsa Amini's death
Ranking
- Sofia Richie Reveals 5-Month-Old Daughter Eloise Has a Real Phone
- Sex and the City Star John Corbett Shares Regret Over “Unfulfilling” Acting Career
- Delta and an airline that doesn’t fly yet say they’ll run flights between the US and Saudi Arabia
- Target stores will no longer accept personal checks for payments starting July 15
- FC Cincinnati player Marco Angulo dies at 22 after injuries from October crash
- Pair of giant pandas from China acclimating to new home at San Diego Zoo
- Great-grandmother who just finished radiation treatments for breast cancer wins $5M lottery prize
- Stoltenberg says Orbán's visit to Moscow does not change NATO's position on Ukraine
Recommendation
-
Beyoncé has released lots of new products. Here's a Beyhive gift guide for the holidays
-
Arch Manning announces he will be in EA Sports College Football 25
-
'Running for his life': PhD student's final moments deepen mystery for family, police
-
Sparked by fireworks, New Jersey forest fire is 90% contained, authorities say
-
The Best Gifts for People Who Don’t Want Anything
-
Melissa Etheridge connects with incarcerated women in new docuseries ‘I’m Not Broken’
-
Joe Bonsall, Oak Ridge Boys singer, dies at 76 from ALS complications
-
Brett Favre is asking an appeals court to reinstate his defamation lawsuit against Shannon Sharpe