Hacker attack on the Red Cross: data of 515,000 people breached

A Swiss company that the humanitarian organization uses to store data has been hit. The IT systems at the base of a program that brings together families separated by conflicts, migrations and disasters have been blocked. At a turning point the attack on Ulss6 in Euganea: an Uzbek site seized

20 Jan 2022 Veronica Balocco

A cyber attack on a contractor used by the International Committee of the Red Cross (ICRC) compromised the personal data of more than 515,000 "highly vulnerable people". This was stated by the humanitarian organization itself, making it clear that the attack forced it to shut down the computer systems that support a program that brings together families separated by conflicts, migrations or disasters. It is unclear who was responsible for the incident, but the Red Cross said its "most pressing concern" is the potential disclosure of the compromised data. According to initial findings, however, there are no indications that this has happened. The hack hit a Swiss-based company that the Red Cross pays to archive its data. The compromised data came from at least 60 of the "national companies", or networks of volunteers and personnel, around the world that the Red Cross uses as first responders to disasters. "As a first step, we will work with the most interested ICRC delegations and Red Cross and Red Crescent societies on the ground, to find ways that allow us to inform individuals and families whose data may have been compromised," said the spokesperson. of the Red Cross Elizabeth Shaw -. We will also explain to them what measures are taken to protect their data and the risks they could possibly face ”. Shaw added that the Red Cross was working with "highly specialized" cybersecurity companies to respond to the attack. Independent cybersecurity consultant Lukasz Olejnik said the incident "appears to be the largest and most sensitive breach ever in the history of the ICRC and probably of all humanitarian organizations." Index of topics • "Nobody is immune from cyber threats" • Seized the site that disseminated the Ulss of Euganea data "Nobody is immune from cyber threats" “Most cybercriminals steal personal data to resell the information for profit, but what profit could they make by stealing information from some of the world's most vulnerable people? - comments David Masson, director of Enterprise security at Darktrace -. This attack is an unfortunate, yet devastating example of the fact that no individual and no organization is immune to cyber threats. The fact that the Red Cross appeals to the attackers to return the stolen data confirms that they are no longer safe, under its control and custody ”. "Reputational damage - he continues - certainly worries the organization, but it is nothing compared to the risks to which individuals and groups that are already very fragile in themselves can be victims. If the hackers do not return the stolen data, it is desirable that the Red Cross at least receives the help and support it needs to find and secure their information again quickly, reassuring and trying to restore the trust of those every day. relies on the organization, ensuring that its welfare programs are always operational ".

Seized the site that disseminated the Ulss of Euganea data

Still in the field of hacker attacks, investigations into the cyber aggression carried out at the beginning of December against Ulss 6 Euganea (Padua) are at a turning point. It is news at this time that the Venice District Prosecutor's Office has seized a website containing data released by cyber pirates, signed Lockbit 2.0. The investigation was activated following the request for money to decrypt the computer system and the turning point came two days ago with the publication of part of the data on the dark web. The Postal and Communications Police for Veneto went back to the source, blocking it on the orders of the Venetian DDA. The attack is attributable to the Uzbek domain lockbitatp.uz. The measure was promptly executed by the Postal Police, who notified all Italian Internet service providers who thus inhibited access to the content. @ALL RIGHTS RESERVED