Updated on 2022-11-03: Red Cross Wants a Digital Emblem to Protect Systems from Cyberattacks
The International Committee of the Red Cross (ICRC) is seeking support for a digital emblem that would identify its systems as off-limits to cyberattacks. For such an emblem to take effect, states would need to agree on how it will be used and to codify it as part of International Humanitarian Law. The ICRC has proposed three possible solutions: a DNS-based emblem, an IP-based emblem, and an Authenticated Digital Emblem that uses certificate chains.
- Reminds me of the “Do Not Track” header browsers experimented with, or the “Do Not Hack” header I am adding as a bit of a joke to my web servers. Maybe the Red Cross should resurrect its “redcross.int” domain again and use it for sites it attempts to protect.
- My first response was to scoff, but one hundred and fifty years ago, it probably took many years for the Geneva Convention to recognize the Red Cross to protect medical workers on battlefields. There have been many incidents of that convention being violated, but respecting it largely has become part of the “norms” of physical battle. The difference these days is that it will quickly be used in phishing campaigns, and verification methods will be ignored.
- The comparison to kinetic warfare, equating the digital emblem to a red-cross uniform, while an accurate analogy, may not be sufficient to deter attackers unless there is sufficient international law to support consequences which vastly outweigh the appeal of the attack. Even after that is in place, you still need to be prepared for an attack. Don’t be the one not wearing Kevlar. Enable all the protections for services and devices you already own, make sure that you have a standard to set the minimum level of protections as well as how to incorporate these into your overall incident prevention and response capabilities, whether insourced or outsourced. Now review these regularly to make sure they are both functional and relevant.
- Institutions like the Red Cross/Red Crescent should be declared off-limits from cyberattacks. While not a digital emblem, a plea was made to ransomware purveyors not to attack hospital and care centers during the onset of the COVID pandemic. That lasted about a week. It’s likely that nation states would abide by the intent of the digital emblem; cyber criminals, however, have different motives.
- So, a little while back, some of the major ransomware gangs promised they’d stop attacking hospitals, and here we are. I’m not saying it’s foolish for the Red Cross to ask for such a thing, and it’d be fantastic if it worked, but count me skeptical.
Read more in:
- ICRC proposes digital red cross/crescent emblem to signal protection in cyberspace
- Digitalizing the Red Cross, Red Crescent and Red Crystal Emblems
- Red Cross Eyes Digital Emblem for Cyberspace Protection
Overview: Red Cross digital emblem
The International Committee of the Red Cross said Thursday that it was looking into creating a digital version of its red cross and red crescent emblems that could be added on existing websites or networks to signal hackers that they have accessed systems and networks of medical facilities, humanitarian aid, or Red Cross agencies. Yeah, good luck with that! I’ve heard threat actors care about those things. Especially the ones from authoritarian regimes hunting down minorities for genocide and forced labor camps. Read more: