The phenomenon of cyberattacks has reached such an extent that no one can bet that their personal, banking, or medical data will not one day be thrown out into the public square.
Last year there were cyberattacks against the cities of Morges and Montreux. Then against SMEs, retail chains, real estate agencies, administrations. And last week, a new level was reached with a cyberattack against the ICRC. Cybercriminals this time infiltrated the servers of the organization to steal the data of over 500,000 vulnerable people, separated from their families, in crisis situations, missing, or detained. What the organization feared, one of its major fears for years, has become reality, to the point that the former Director-General of the organization, Yves Daccord, speaks of a "major reputational risk". The ICRC has committed, on a basis of trust, to maintain the absolute confidentiality of the data it collects. Even if the perpetrators of the operation are unknown, and whether this data will be published and for what purpose, the motivations of the hackers might not necessarily be financial but political. It is frightening to think that they could fall into the hands of hostile organizations or governments with specific geostrategic views. It’s a goldmine.
We Are All Concerned
There is an urgent need to think about a legal framework, diplomatic responses, and a new security grammar in the age of major digital banditry. Switzerland, as the host country for humanitarian organizations, a neutral state, and the guardian of major international conventions, has a central role to play. It seems that the Minister of Foreign Affairs, Ignazio Cassis, is working on this.
The attack on the ICRC is a turning point. It highlights, for all those who still doubted, the invaluable worth of public or private data. It demands actions on a political, legal, and technological level to address the problem of storing and securing digital services.
Regarding NGOs, there is talk of an international treaty for a digital humanitarian space. But companies and individuals are just as affected. Imagine an attack on an SME working with connected tools. Its production could be blocked for weeks or even months, at the risk of it disappearing. Imagine a typical family, which, like everyone these days, has a PC, mobile phone, internet connection, with children who do "gaming", parents who work from home, shop online, etc. This family is at the mercy of hackers.
A Chance for Switzerland?
The phenomenon of cyberattacks has pushed companies like ELCA, previously more oriented towards large enterprises, to develop data security proposals for SMEs and communities. An assessment and proposals for improving protection can be considered as a kind of check-up of the digital tool in the age of internet banditry. For individuals, ELCA is now acting in partnership with cyber insurers. The need is enormous, both on the side of individuals and SMEs, notaries, doctors, or any other social actors.
At all levels, from individuals to large organizations, a massive mobilization is required to respond to cyberattacks. The challenge is to transform the catastrophe into an opportunity, for International Geneva, for Switzerland, and for its high-tech companies.
Contact our expert
Christophe GERBER
ELCA Security General Manager
Meet Christophe GERBER, our General Manager at ELCA Security. Contact Christophe to discuss how he can help propel your cybersecurity initiatives forward.