When missing data security puts human lives at risk: cyber-attack against ICRC
The message spread quickly around the globe. The International Red Cross was the victim of a cyberattack in which sensitive data of more than half a million people had been stolen. The danger is that the data is from people who require special protection. The ICRC is known for providing humanitarian aid in conflict regions. It is unclear who is behind the attack, but Prewen knows how to prevent cyberattacks of this kind.
What happened? Worst Case Scenario for the ICRC.
In January, the International Committee of the Red Cross reported an alleged cyberattack on their server hosted in Switzerland. In the process, 515’000 data records of «particularly vulnerable individuals» were stolen. The NZZ warned, «Whoever attacks the ICRC violates the most elementary rules of civilization, comparable to an attack on an ambulance or shooting at medics in a war zone.» Data from the ICRC's Family Link service, in which people who have been separated from their families are reunited, were affected, he said.
Who is behind it? Most cyberattacks stay undetected.
ICRC Director-General Robert Mardini appealed to the data thieves not to publish the stolen data because it would threaten many people's lives. The fact that the criminals did not come forward, in this case, does not bode well. The reason lies in the type of cyberattack. Generally, there are two types of cybercrimes involving data:
Ransomware attacks: The criminals gain access to the servers and encrypt all the data. Companies can no longer access their data. Usually, ransom demands follow to unlock the affected data.
Data theft/data misuse: Data is copied, often so that the attack victims are unaware of the theft. These attacks may be intended to sell the data to the highest bidder, commit industrial espionage, or obtain information in political-military disputes.
In the case of the ICRC, there are indications that it is a matter of data misuse. It is not unusual for a state actor to be behind such cyber attacks, targeting opposition or political forces. Hopefully, this scenario will remain untrue for the ICRC, and human lives are not put at risk.
How can data misuse be prevented? Data-centric security with format-preserving encryption.
Cyber attack headlines are becoming increasingly frequent. NZZ am Sonntag recently referred to the latest cyberattacks at swiss railways, the mailorder pharmacy Zur Rose, and the ICRC. These cases have in common that the data misuse could have been relatively easily avoided. Previous data security solutions primarily protect the IT infrastructure. But almost all companies now rely on cloud services, which can no longer be covered in the same way. Prewen puts its faith in data-centric security with format-preserving encryption. Data is encrypted so that it is not available in plain text in the event of data theft, thereby eliminating the chances of data misuse.
Companies with a critical data footprint rely on Prewen: Swisscom and SIX are data-centric protected.
Data-centric data protection is still unknown to many companies and even IT specialists. The technology, now already 20 years old, makes it possible to protect data from misuse - thanks to format-preserving encryption in all types of data, in all existing applications, and on all storage media (local or cloud). Two prominent companies with very high data security requirements have chosen Prewen to implement this solution: Communications leader Swisscom and SIX Group, which connects the financial markets of Switzerland, Spain, and the rest of the world.
Why don't all companies with sensitive data embrace data-centric protection?
Robert Carr, CEO of Heartland Payment Systems, expressed his amazement as follows: «Really, I don't understand why everyone in the world hasn't already adopted this form of encryption.» The question can only be answered if we look at the evolution of data security. Traditionally, people secured their infrastructure. That worked well until the IT infrastructure was distributed, data and applications were made accessible everywhere, and various service providers and cloud services were utilized. Just as there has been this paradigm shift in the use of data, there needs to be a rethink in protecting data. At the heart of this will be data-centric protection with format-preserving encryption. Only when this change has been accomplished will the number of reports of successful cyberattacks decrease again, and fatal data thefts, as in the example of the ICRC, will be efficiently avoided - without any restriction in the use of the data.
Learn more about data-centric security or Prewen's data security offer.
