Deep Instinct says Red Cross breach is 'extremely worrying'

Red Cross has revealed a major data breach that compromised the personal details of over 515,000 “highly vulnerable” victims

Cybersecurity company Deep Instinct has commented on the recent Red Cross data breach.

The International Committee of the Red Cross (ICRC) has revealed a major data breach that compromised the personal details of over 515,000 “highly vulnerable” victims. It was stolen from a Swiss contractor that stores the data on behalf of the global humanitarian organisation headquartered in Geneva. The ICRC claimed it originated from at least 60 Red Cross and Red Crescent National Societies worldwide.

Brooks Wallace, VP EMEA at Deep Instinct says the attack is "extremely worrying".  "While they are still uncertain as to who conducted this attack, other cyber gangs now know that there are vulnerabilities within the Red Cross’ third party data storage provider. Unfortunately, when threat actors know that an organisations’ data is vulnerable and can be easily stolen, they are likely to return," he says. 

"With operations unable to run at 100 per cent it can have damaging and lasting impacts on families. The Red Cross have already said that on average when the organisation isn't under a cyberattack, it reunites 12 missing people with their families a day. When seconds are vital in a missing person case, the last thing an organisation needs is for their data to be missing and that it could take weeks to recover or may never be recovered. 

"Humanitarian organisations are often a priority target to cyber criminals due to the amount of personal information they hold. During the early months of the pandemic, ransomware gangs had promised not to target medical organisations due to the pressure they were under, however, there is no honour among thieves and they soon started stealing medical data. Gangs are ruthless, they don’t care about the humanitarian cause of an organisation and are only interested in targets which yield the greatest monetary gain. Organisations can no longer afford to think about ways to mitigate impacts of cyberattacks but must instead prevent them from infecting their network. 

"Most solutions, like endpoint detection and response (EDR), need an attack to execute before it can identify activity as malicious or benign, which is too slow when the fastest ransomware attacks can encrypt data within 15 seconds. Organisations need to invest in solutions that use technology, such as deep learning, which can deliver a sub-20 millisecond response time to stop malware pre-execution and before it can take hold. Humanitarian organisations are already trying to solve enough time-pressure situations, the last thing they need looming over their heads is the threat of a cyberattack," he concluded. 

Red Cross comments on attack

Robert Mardini, ICRC's director-general says: "An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised.

"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Mr Mardini.

"Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data," he concluded.


Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security