The International Committee of the Red Cross is dedicated to helping some of the most vulnerable communities across the world. For more than 150 years, the organization has given protection and assistance to victims of armed conflict.
But earlier this month, the ICRC itself became the victim of a sophisticated cybersecurity attack. Cybercriminals targeted a Switzerland-based contractor that provides data storage for the organization.
The attack, which the ICRC discovered on January 19, exposed sensitive personal information on more than half a million aid recipients from at least 60 Red Cross and Red Crescent National Societies globally, according to one report.
Critical Aid Program Suspended
The ICRC announced in a statement that the attack forced the suspension of its Restoring Family Links program. This program attempts to bring together families separated by conflict, natural disasters or migration.
ICRC Director-General David Mardinia said on average that the group reunites 12 missing people with their families every day. “Cyberattacks like this jeopardize that essential work,” he said in the statement.
Contractor and Third-Party Risks
It’s not enough to ensure that an organization has a tested and effective data security strategy. All the companies that an organization does business with must also meet the same cybersecurity threshold to prevent unauthorized access to sensitive data via an outside vendor.
IT security watchdog groups have long been aware of the threat posed by attacks on IT service providers, including managed service providers and cloud service providers. As was the case in the ICRC attack, any gap in a vendor’s network security puts your data at risk.
Effective Cybersecurity Protection
No organization is immune to a cyberattack. Cybercriminals have managed to keep pace with the rapid acceleration of network security solutions by finding new and more sophisticated methods of attack. But there are common-sense protocols that a surprising number of organizations fail to implement.
SecureData has developed comprehensive data security strategies for more than a decade. These solutions provide the highest level of security available by combining advanced protection for the most common pathways of attack.
SecureDrive® and SecureUSB® FIPS-validated and hardware-encrypted storage devices give organizations an effective offline backup system to prevent ransomware from encrypting and exfiltrating any backup data connected to an infected server.
SecureData’s award-winning BT line of bluetooth-enabled drives come enabled for our Remote Management (RM) Console out of the box. This subscription service empowers IT administrators to maintain strict control over where, when, and how any BT drive can be accessed.
Protecting network endpoints has never been easier with SecureGuard USB. This data loss prevention solution works within the RM Console to enable or restrict specific USB devices throughout an organization. It can also block computer access when a restricted device is connected to a computer.
Any breach of protected data – whether it’s the personal details of humanitarian aid recipients, HIPAA-protected health information for clinics or hospitals, or consumer financial data – can have devastating consequences. That’s why SecureData remains committed to providing the most trusted and effective data security solutions available.
Call us at 424-363-8535 to speak to one of our data security experts or schedule a free product demonstration.