Pierluigi Paganini
October 22, 2023
The International Criminal Court shared additional information about the cyberattack that hit the organizations in September.
In September, the International Criminal Court (ICC) announced that threat actors have breached its systems last week. The experts at the International Criminal Court discovered the intrusion after having detected anomalous activity affecting its information systems.
The International Criminal Court (ICC) is an intergovernmental organization and a permanent international tribunal established to prosecute individuals for the most serious international crimes, including genocide, crimes against humanity, war crimes, and the crime of aggression. It was established by the Rome Statute, which entered into force on July 1, 2002. The ICC is headquartered in The Hague, Netherlands.
Statement of the #ICC Spokesperson on recent cybersecurity incident ⤵️ pic.twitter.com/CkPPuoaSHm
— Int'l Criminal Court (@IntlCrimCourt) September 19, 2023
The organization immediately activated the incident response plan to mitigate the incident. Now the ICC provided additional information about the attack and revealed it was carried out by a threat actor for espionage purposes. The attack was targeted and sophisticated, according to an update provided by the ICC that resumes the result of a forensic analysis of the incident, its causes and its impact, and initial mitigating measures.
“The evidence available thus far indicates a targeted and sophisticated attack with the objective of espionage. The attack can therefore be interpreted as a serious attempt to undermine the Court’s mandate.” reads the press release published by ICC. “Based on the forensic analysis carried out, the Court has already taken and will continue to take all necessary steps to address any compromise to data belonging to individuals, organisations and States. Should evidence be found that specific data entrusted to the Court has been compromised, those affected would be contacted immediately and directly by the Court. For the Court, the safety of its data and maintaining trust with all of its stakeholders are paramount.”
The Court states that information currently available doesn’t allow to attribute the attack to a specific threat actor. The Dutch law enforcement authorities are still investigating the security breach.
The ICC announced it has already taken necessary steps to address any compromise to data belonging to individuals, it also implemented additional security measures to improve its cybersecurity.
“The Court is also accelerating a number of existing initiatives aimed at enhancing digital security.” concludes the press release. “This latest attack comes at the time of broader and heightened security concerns for the Court: several elected officials, including Judges of the Court and the Prosecutor, have had criminal proceedings initiated against them; the Court has recently undergone daily and persistent attempts to attack and disrupt its systems; and the Court averted an almost successful attempt to infiltrate a hostile intelligence officer into the Court under the guise of an intern.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ICC)
