ICC War Crime Tribunal Admits ‘Cybersecurity Incident’

The International Criminal Court (ICC) in the Hague has admitted that it has been hacked, after it declared on Tuesday a “cybersecurity incident.”

The ICC made the admission on X (formerly Twitter), and said that it had detected “anomalous activity” on its IT systems at the end of last week.

The ICC made headlines in March this year when it issued arrest warrants for Vladimir Putin, the President of Russia, and Maria Lvova-Belova, Russian Commissioner for Children’s Rights.

ICC hack

The warrant against Putin was the first time an international arrest warrant has been issued against the leader of a permanent member of the United Nations Security Council.

Both are accused of the war crime of unlawful deportation and transfer of children during the illegal Russian invasion of Ukraine.

Moscow has rejected the accusations and the court’s jurisdiction.

Now six months later the ICC has admitted it has been hacked. It did not reveal much data about the intrusion, and said it will not be providing any further information at this time.

“At the end of last week, the International Criminal Court’s services detected anomalous activity affecting its information systems,” the ICC said. “Immediate measures were adopted to respond to this cybersecurity incident and to mitigate its impact.”

It said it working with Dutch authorities on the matter, as the ICC is housed in the Hague, a city in the Netherlands.

The hack is causing concern to the sensitive nature of the work it conducts, which could potentially include information about any of its war crime investigations, witness names and other confidential data.

There is no confirmation at the time of writing about what type of data has been accessed.

Prime target

The hack of one of the world’s most high-profile international institutions and one that handles highly sensitive information about war crimes, has drawn reaction from Jelle Wieringa, security awareness advocate at KnowBe4, who is based in the Netherlands, who noted that the ICC is a prime target for hackers.

“The International Criminal Court (ICC) is a high-profile organisation that investigates and tries individuals,” said Jelle Wieringa of KnowBe4.

“It has issued warrants for arrests of individuals such as Vladimir Putin, and other powerful persons suspected of crimes that concern the international community,” said Wieringa.

Read also : Russian Hackers Of London Hospitals Publish Patient Data

“This makes the ICC a prime target for cyber attacks, as it has information on criminal cases. Access to this information for the purpose of tampering with it, or as intelligence, is a powerful way for bad actors to influence and disrupt the proceedings of the international criminal justice system.”

“Judging from their statement, the ICC is on high alert and dealing with the ramifications of a cyber attack,” said Wieringa. “While the ICC is a highly professional organisation that pays a lot of attention to its cyber defence, this incident shows that really no organisation is exempt from cyber attacks.”

In today’s world, it is imperative that we all understand that no one is safe. And we all need to take measures to actively protect our organisations.”

Data theft

Meanwhile Jamie Moles, senior technical marketing manager at cloud native network detection and response provider ExtraHop, noted that local media have reported the ICC has lost significant volumes of data in the attack.

“We see this time and time again – organisations try to downplay the severity of an attack, which often blows back in their face,” said Moles. “The government then gives a stern condemnation of lax practices that enabled this attack in the first place. However the private and public sectors share common issues that make it equally likely for them to suffer these problems.”

“Now in reports coming out of The Netherlands public news broadcaster, NOS, it seems the International Criminal Court in the Hague may have lost significant volumes of data in an attack, the details of which it refuses to disclose at this time, but in all probability is a nation state attack happening just a week after the ICC established a field office in Kyiv to track Russian war crimes,” said Moles.

“Too often we see institutions fail to properly secure their networks and data leading to breaches and stolen data,” Moles concluded. “No one is exempt from bad actors, which is why every organisation should prepare to be attacked.”