Open Society Foundations (OSF) Award $1.1 Million Grant to Afrobarometer to Spur Future GrowthRead more The annual Global Impact Conference 2022 brings together visionary business leaders to revolutionize educational systems and inspire collaborative actionRead more APO Group announces content partnership with Pan-African broadcaster VoxAfricaRead more MainOne, an Equinix Company’s MDXi Appolonia Achieves Tier III Constructed Facility certification (TCCF), Now Most Certified Data Center in GhanaRead more United Nations High Commissioner for Refugees (UNHCR) warns rising tide of hunger, insecurity, and underfunding worsening gender-based violence risksRead more The Royal Thai Embassy presents the cultures of Thailand at the Association of Southeast Asian Nations (ASEAN) Festival in KenyaRead more Climate change is the biggest global threat, young people in Africa and Europe tell European Investment Bank (EIB), Debating Africa and Debating EuropeRead more $2 million in prizes awarded at Conference of the Parties (COP27) to African youth-led businessesRead more Africa and Europe’s top business and public sector leaders gather to chart Africa’s economic rebirthRead more The Thai delegation’s active participation at the 145th Assembly of the Inter-Parliamentary Union (IPU) in KigaliRead more

Red Cross eyes digital emblem for cyberspace protection

show caption
Officials hope a digital emblem would help protect computer systems of medical facilities from cyberattacks, much as the Red Cross emblem protect those who work in conflict zones./AFP
Print Friendly and PDF

Nov 04, 2022 - 03:32 AM

GENEVA, SWITZERLAND — When Red Cross staff work in conflict zones, their recognisable red-on-white emblems signal they and those they are helping should not be targeted.

Now, as warfare and attacks increasingly move into cyberspace, the organisation wants to create a digital emblem that would alert would-be attackers that they have entered computer systems of the Red Cross or medical facilities.

The International Committee of the Red Cross (ICRC) called Thursday on countries to support the idea, arguing that such a digital emblem would help protect humanitarian infrastructure against erroneous targeting.

“As societies digitalise, cyber operations are becoming a reality of armed conflict,” ICRC’s director-general Robert Mardini said in a statement.

“The ‘digital emblem’ is a concrete step to protect essential medical infrastructure and the ICRC in the digital realm.”

For more than 150 years, the organisation’s distinctive emblems — the red cross and red crescent, and more recently the red crystal — have conveyed in times of conflict that the people, facilities and objects they mark are protected under international law and that attacking them constitutes a war crime.

Potential for abuse? 

But to date, there are no such signals in the cyber world.

The ICRC has been mulling this idea for a while, launching a project in 2020 to examine the technical feasibility of creating a digital emblem, and opening consultations to weigh the benefits of such a system against potential for abuse.

Concerns have been raised that such an emblem could risk identifying a set of “soft targets” to malicious actors, making it easier to systematically target them.

Malicious actors could also misuse a digital emblem to falsely identify their operations as having protected status under international law.

But on Thursday, the ICRC presented a new report titled “Digitalising the Red Cross, Red Crescent and Red Crystal emblems”, concluding that the advantages outweighed the risks.

In the foreword, Mardini stressed that cyberattacks on medical facilities and humanitarian infrastructure can have dramatic, and deadly, real-life consequences.

He pointed to a growing numbers of cyberattacks on hospitals since the onset of the Covid-19 pandemic, which “have disrupted life-saving treatment for patients and forced doctors and nurses to resort to pen and paper at a time when their urgent work was needed most.”

‘Massive shock’ 

And the ICRC itself fell victim to a massive cyberattack last January, in which hackers seized the data of more than half a million extremely vulnerable people, including some fleeing conflict, detainees and unaccompanied migrants.

That attack “was really a massive shock for our institution,” Balthasar Staehelin, ICRC’s director of digital transformation and data, told a conference in Geneva recently.

While stressing that his organisation had long been focused on data protection, Mardini said the “data breach highlighted the urgency of our work in this area.”

“Protecting personal data, and ensuring the availability and integrity of our data and systems in the digital space, is essential to assist and protect people in the real world,” he added.

In the January case, hackers targeted an external company in Switzerland that the ICRC contracts to store data, and it remains unclear if the organisation itself had been intentionally targeted.

If unintentional, the attack could have been averted if the date bore an emblem signalling it was protected under international law, ICRC legal advisor Tilman Rodenhauser said during an event Thursday launching the report.

Such an emblem would provide “an additional layer of protection”, he said, stressing it would “signal to professional cyber operators that they need to stay out, by law and by ethics standards.”

ICRC said it had been working with a number of universities and others to develop possible technical solutions for a digital emblem.

It pointed to several possible approaches, including embedding the emblem in a domain name (for instance www.hospital.emblem), or embedding it in the IP address, with a specific sequence of numbers signalling a protected digital asset.

The organisation stressed though that to make a digital emblem a reality, countries need to agree on its use and incorporate it into International Humanitarian Law, alongside the three physical emblems currently in use.

MAORANDCITIES.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.