Missed security update cause of Red Cross cyber attack


The International Committee of the Red Cross (ICRC) has determined the cause of last month’s cyber attack. An authentication module turned out to be unpatched. The failure to install this security update allowed the attackers to use a zero-day exploit against the software.

Robert Mardini, head of the ICRC, writes this in an update and analysis of the attack.

Hackers steal personal data of half a million people

In January, the headquarters of the International Committee of the Red Cross in Geneva was the target of a cyber attack. Hackers had access to personal and privacy-sensitive data of 515,000 refugees and other ‘extremely vulnerable people’. Among them are more than 4,600 people who have knocked on the door of the Dutch Red Cross branch in the past. The attackers also managed to steal the login details of about 2,000 employees and volunteers.

After the data breach came to light, the ICRC was initially able to provide few details about the cyber attack. Mardini suspected that it was a targeted attack on the Red Cross. He indicated that he wanted to enter into discussions with the perpetrators, but that has not yet happened. No ransom has yet been demanded for the return of the data. To the best of our knowledge, no personal data or passwords have been made public.

Security update not installed

On Wednesday, Mardini shared new details about the cyber attack. On the ICRC website, the CEO writes that the hackers exploited a security vulnerability in the authentication module Zoho ManageEngine ADSelfService Plus. The Red Cross uses this software to reset passwords required to
