A digital equivalent of the Red Cross symbol to deter criminal hackers targeting healthcare facilities. This is what the International Committee of the Red Cross is asking after two years of planning and the numerous attacks on medical institutions and hospitals, the theft of data and medical records of soldiers and refugees.
Hacker
Red Cross victim of a cyber attack: the data of over 515 thousand “highly vulnerable people” at risk
by Arturo Di Corinto
The bet is that since the red cross on a white field is an international symbol that indicates the emergency room without any religious reference, its digital equivalent could serve to discourage hackers from attacking those who care for the weak, the sick or the injured.
The idea is simple: you could upload a file to each of the computers or devices in the hospitals; or create an emblem integrated into web domain names; or again, define a code associated with the IP addresses of medical facilities, but also do the three things together. Of course, a legal framework should be created to do this, but with the goodwill of individual countries it should not be too complicated.
No one is under the illusion that it would be able to stop new raids by those who in the past hacked the e-mail of the World Health Organization, the servers of European research centers, or those of vaccine factories, but perhaps it could lead them to think twice. times before blocking a hospital with ransomware as has already happened too many times forcing health professionals to delay even life-saving interventions.
This distinctive sign, a digital emblem, would not even guarantee the technical protection of cyber security for hospitals, Red Cross infrastructure or other health service providers, but would serve to signal that targeting essential medical facilities during an armed conflict such as the current one. between the Russian Federation and Ukraine harms the weakest of all parties and violates international humanitarian law.
In short, the digital symbol of help would be the equivalent of a red cross drawn on an ambulance, on a camp tent or a hospital. And it would work the same way, just as it happens today under the Geneva Convention which guarantees neutrality and protection to ambulances, military hospitals, medical personnel and material as well as to the wounded and civilian personnel of all parties who work to protect them too. from military attacks that have gone digital today.
Dozens of hospitals attacked via the Internet around the world during the pandemic. In Italy it happened to the Lazio Region last year with the result of blocking vaccination bookings for a week; it happened in a German hospital causing the death of a patient who was not treated in time due to the cyber attack and has repeatedly happened in India.
Furthermore, apart from the isolated cases that have had a bad outcome, ransomware attacks have been blocking hospitals and medical specialization centers for at least three years.
As reported by the Wall Street Journal, Chicago-based CommonSpirit Health, which operates more than 140 hospitals in 21 US states, was hit with ransomware last month, resulting in the blocking of electronic patient records. In August, however, after a ransomware attack, surgeries were stopped at the CHSF Hospital Center near Paris. And so also in other Baltic countries. The reason is well known: ransomware gangs target hospitals because they provide critical services and are therefore more likely to pay to restore their technology systems.
“However, precisely the latter – comments the lawyer expert in new technologies Andrea Monti – could be facilitated in identifying sensitive structures thanks to the proposed identifier. In war scenarios, the rescuers are generally respected by the contenders, but in peacetime and with cyber-criminals who gain from the problems they create and the noise they make, one has to ask if it is counterproductive ”.
Since the Russian invasion of Ukraine, for example, some 1,100 hospitals have been bombed but according to the CyberPeace Institute – based in Geneva, provides cybersecurity assistance to nonprofits – many more may have suffered attacks. DDoS and data theft.
Italian Tech had told how in January the Red Cross had been attacked by hackers infiltrating its systems and how they had access to the personal data of over 515,000 people, including those who were looking for relatives from whom they were separated due to a conflict or a migration. The organization at the time claimed that hackers were using tools designed specifically for its servers.