Deep Instinct says Red Cross breach is 'extremely worrying'

Red Cross has revealed a major data breach that compromised the personal details of over 515,000 “highly vulnerable” victims

Cybersecurity company Deep Instinct has commented on the recent Red Cross data breach.

The International Committee of the Red Cross (ICRC) has revealed a major data breach that compromised the personal details of over 515,000 “highly vulnerable” victims. It was stolen from a Swiss contractor that stores the data on behalf of the global humanitarian organisation headquartered in Geneva. The ICRC claimed it originated from at least 60 Red Cross and Red Crescent National Societies worldwide.

Brooks Wallace, VP EMEA at Deep Instinct says the attack is "extremely worrying".  "While they are still uncertain as to who conducted this attack, other cyber gangs now know that there are vulnerabilities within the Red Cross’ third party data storage provider. Unfortunately, when threat actors know that an organisations’ data is vulnerable and can be easily stolen, they are likely to return," he says. 

"With operations unable to run at 100 per cent it can have damaging and lasting impacts on families. The Red Cross have already said that on average when the organisation isn't under a cyberattack, it reunites 12 missing people with their families a day. When seconds are vital in a missing person case, the last thing an organisation needs is for their data to be missing and that it could take weeks to recover or may never be recovered. 

"Humanitarian organisations are often a priority target to cyber criminals due to the amount of personal information they hold. During the early months of the pandemic, ransomware gangs had promised not to target medical organisations due to the pressure they were under, however, there is no honour among thieves and they soon started stealing medical data. Gangs are ruthless, they don’t care about the humanitarian cause of an organisation and are only interested in targets which yield the greatest monetary gain. Organisations can no longer afford to think about ways to mitigate impacts of cyberattacks but must instead prevent them from infecting their network. 

"Most solutions, like endpoint detection and response (EDR), need an attack to execute before it can identify activity as malicious or benign, which is too slow when the fastest ransomware attacks can encrypt data within 15 seconds. Organisations need to invest in solutions that use technology, such as deep learning, which can deliver a sub-20 millisecond response time to stop malware pre-execution and before it can take hold. Humanitarian organisations are already trying to solve enough time-pressure situations, the last thing they need looming over their heads is the threat of a cyberattack," he concluded. 

Red Cross comments on attack

Robert Mardini, ICRC's director-general says: "An attack on the data of people who are missing makes the anguish and suffering for families even more difficult to endure. We are all appalled and perplexed that this humanitarian information would be targeted and compromised.

"While we don't know who is responsible for this attack, or why they carried it out, we do have this appeal to make to them," said Mr Mardini.

"Your actions could potentially cause yet more harm and pain to those who have already endured untold suffering. The real people, the real families behind the information you now have are among the world's least powerful. Please do the right thing. Do not share, sell, leak or otherwise use this data," he concluded.


Featured Articles

Testing time for British intelligence search for girl power

More than 8,700 girls set to take part in a contest which seeks to inspire young women to pursue cyber careers and create lasting change in the industry

One in five business leaders fear cybersecurity “inside job”

Business leaders worry about the threat from within, with 71% convinced their next big cybersecurity event will be caused by an employee, new survey claims

GCHQ says UK under attack from groups in Russia and Iran

The UK’s National Cyber Security Centre has exposed details of malicious campaigns against targets of interest across specified sectors, including academia

ICYMI: Spoofing plane dangers and “terrorism on steroids”

Network Security

FBI turns tables on hackers in ransomware “cyber stakeout”

Network Security

Klamath Falls calls on ZeroEyes to spot and stop shooters

Operational Security