War crimes tribunal says September cyberattack was act of espionage


The International Criminal Court (ICC) said on Friday that the serious cybersecurity incident it detected in September was an act of espionage.

In a statement on the Court’s website, it said the attack can be “interpreted as a serious attempt to undermine the Court’s mandate.”

The statement did not suggest a perpetrator, but the Court — which is based in The Hague in the Netherlands — said that Dutch law enforcement authorities are conducting a criminal investigation.

It is not clear what information, if any, was stolen during the incident. As part of its duties, the Court processes sensitive information relating to war crimes investigations, including data about witnesses who could be at risk if their identities were exposed.

“Should evidence be found that specific data entrusted to the Court has been compromised, those affected would be contacted immediately and directly by the Court,” the ICC stated.

As a result of the attack, the ICC said it was “identifying actions and procedures to be ready to respond to any potential repercussions from the cyber-attack including any potential security risk to victims and witnesses, Court officials and the Court’s operations.”

It noted that the attack comes at a time of “broader and heightened security concerns for the Court,” including threats against several of its elected officials.

Following the Court’s decision to issue arrest warrants for Russian president Vladimir Putin, as well as the Russian Commissioner for Children’s Rights Maria Lvova-Belova for the deportation of Ukrainian children to Russia, Russian authorities in turn issued arrest warrants against the ICC president, deputy, and one of its judges.

In June 2022, Dutch intelligence detained an alleged Russian military intelligence officer using an elaborate false Brazilian identity in an attempt to infiltrate the ICC. The man has since been deported back to Brazil, where he is being prosecuted for using false documents.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Casio says customers in 148 countries affected by breach

Next Post

India raids tech-support fraud compounds after tip from Amazon, Microsoft

Related Posts

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries

A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version as part of the process, said the base operating system used by the Utah-based software company for the device is CentOS 6.4. "Pulse Secure runs an
Read More

When a customer gets defrauded, should the enterprise reimburse?

The New York Attorney General’s decision to sue Citibank last week for failing to reimburse customers who'd been victimized by fraud raised some interesting issues for business that go beyond just Citibank. Specificially, when should a customer be reimbursed for fraud and at what point do the customer’s own actions come into play?To be clear, financial institutions have been routinely refusing to reimburse customers who have done nothing wrong. The far trickier issue is when the customer does indeed do something wrong.To read this article in full, please click here
Read More