Red Cross Wants Digital Symbols to Deter Hackers From Healthcare Institutions
The international organization proposed three options that could serve as a digital equivalent of the red cross symbolThe International Committee of the Red Cross proposed creating a digital equivalent to its distinctive red symbol to warn off hackers who attempt to break into medical institutions' networks. Such a digital emblem would deter some but not all hackers, Red Cross advisers say, at a time when hospitals are frequently hit with cyberattacks.
The emblem wouldn't provide technical cybersecurity protection to hospitals, Red Cross infrastructure or other medical providers, but it would signal to hackers that a cyberattack on those protected networks during an armed conflict would violate international humanitarian law, experts say, Tilman Rodenhäuser, a legal adviser to the International Committee of the Red Cross, said at a panel discussion hosted by the organization on Thursday.
"No one should mistake it as a silver bullet, it's simply a symbol of protection," he said.
Interesting discussion at: A Digital Red Cross
Do you think such a thing would work ?
(Score: 2, Insightful) by Anonymous Coward on Wednesday November 16 2022, @03:32PM (1 child)
Because of their juicy data, medical institutions are high profile targets for data theft.
A new emoji ain't going to change that.
(Score: 5, Interesting) by Immerman on Wednesday November 16 2022, @08:42PM
Nope.
But it would warn off troublemakers who have some trace of morals, as well as making it easy to tell worms and other semi-autonomous intrusion tools to not attack medical networks.
Which in turn would likely mean that any intrusion into those networks would be automatically regarded as a human rights violation, and violation of international law. Heck, any deployment of worms, etc. that don't have and use an "avoid medical networks" option would likely be classified as an attempted human rights violation (not sure if there's currently legal consequences for that)
And since intentional human rights violations (by anyone except allied nation-states) tends to garner some pretty serious political and legal repercussions (if anyone with power cares), governments will be well positioned to throw the book at anyone deploying such software, with no need to worry about extradition, etc.
Some asshole hacking hospitals from China, Nigeria, etc. would no longer be protected by the difficulty in prosecuting someone across national borders - they violated international law, and thus their own government will be obligated to bring them in or face consequences.
That might actually have some positive effects.
(Score: 5, Informative) by bradley13 on Wednesday November 16 2022, @04:00PM (5 children)
First, how are you going to display such a symbol, in a way that the companies' logos don't already cover?
More importantly, black-hat hackers know perfectly well who they are targetting. Health care instututions need to have their equipment online, and it's known that medical equipment is often poorly securing. Juicy targets - now with confirmed identity!
Everyone is somebody else's weirdo.
(Score: 5, Interesting) by Opportunist on Wednesday November 16 2022, @04:31PM (4 children)
Just make an international court for persecuting this kind of asshole. Make sure that not supporting it puts you and your country on a "no international trade for you" list.
That will quickly convince countries to comply and have their state hackers target something else.
(Score: 5, Insightful) by number11 on Wednesday November 16 2022, @06:56PM (3 children)
That'll work until some 3-letter US agency gets caught targeting Dear Chubby Leader's clinic, Israel gets caught targeting a Norwegian hospital because a Mossad target gets care there, or a Chinese military agency gets caught penetrating a Taiwanese medical facility. Or Saudi Arabia is just looking for real-life examples of bone saw use. Every country will find some reason why it doesn't apply to them. Quis custodiet ipsos custodes?
(Score: 3, Interesting) by Opportunist on Wednesday November 16 2022, @11:51PM (2 children)
Then I guess it's about fucking time the world grows up and deals with this international bully.
Because that's what the US is. A bully. Strong, tough, even the teacher (aka as The UN) is afraid of him. Everyone sucks up to him, hoping to get some scraps off his table, but behind his back everyone hates that asshole. Why do we still put up with that schoolyard bully?
And the same goes for the other examples that you cite. We need to figure out what's more important, our comfort or our integrity.
(Score: 2) by Immerman on Thursday November 17 2022, @02:53PM (1 child)
>Why do we still put up with that schoolyard bully?
You already answered that question:
>Strong, tough, even the teacher (aka as The UN) is afraid of him.
US military doctrine is to be able to handily defeat the next two most powerful militaries in the world, simultaneously - and there's really only. And we consume roughly 1/4 of the world's resources - economically, nobody can sanction us effectively without hurting their own economies almost as badly.
The question is not why, but how do you get rid of a schoolyard bully when there's nobody with the power or authority to do so. If *everyone* else allied to bring us down, they'd have a good chance - but it would hurt them badly to do so, and it wouldn't take many flipping sides to bring down their other rivals to decisively sway the balance of power. And while almost nobody likes us, almost everybody hates someone else more.
(Score: 2) by Opportunist on Thursday November 17 2022, @04:02PM
Same way we got rid of the Roman Empire: Wait 'til it collapses under its own weight.
Right now, the US is very eager to tear itself apart. No matter how ridiculous and unimportant an issue is, you will certainly find two groups in the US hellbent on dying on that hill to prove to everyone that they are RIGHT about this, or that they have the RIGHT to do or say that.
There's no need to attack the US. It is quite capable of doing it itself just fine.
(Score: 5, Insightful) by JoeMerchant on Wednesday November 16 2022, @04:05PM (2 children)
The Target logo. Seriously, these are hackers, they're after money, they don't care that people might have their healthcare compromised. Announcing that you are a healthcare institution, especially in the U.S., is tantamount to announcing that you have a lot of extra money and an industry history of paying ransoms for locked data.
I can see how red crosses on field hospitals and ambulances might deter combatants from kicking their opponents while they are down - at least more often than not - but in the world of data for ransom? I think they have the psychology all wrong.
Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
(Score: 2) by HiThere on Wednesday November 16 2022, @10:14PM (1 child)
Some of them are hacker groups after money. Others have other agendas. But I don't really think it would stop any of them.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by JoeMerchant on Wednesday November 16 2022, @10:22PM
If their motive isn't money, they probably know a fair bit about who they are attacking - though maybe not all the consequences.
I _can_ see this "symbol" leading to legislation for increased penalties in cases where medical care is compromised by the hactions, kind of like speeding fines being doubled in school zones.
Україна досі не є частиною Росії Слава Україні🌻 https://news.stanford.edu/2023/02/17/will-russia-ukraine-war-end
(Score: 3, Insightful) by Opportunist on Wednesday November 16 2022, @04:29PM (5 children)
On the battlefield, we tend to call it the "target cross". Kill that person to ensure that everyone else dies, too.
(Score: 2) by Username on Wednesday November 16 2022, @04:35PM
On the battlefield they usually shout, "DEUS VULT"
(Score: 3, Interesting) by ElizabethGreene on Wednesday November 16 2022, @04:42PM (2 children)
In online games medics and healers are force multipliers and if you take them out, you can usually wipe the rest of the team.
... or you can continue to pour rounds into the tanks with no effect. Your choice. :)
(Score: 2) by Opportunist on Wednesday November 16 2022, @11:49PM (1 child)
It works just as well in reality.
And before someone complains, yeah, whatever, I didn't plan to go to The Hague any time soon anyway, why should I care what they think?
(Score: 0) by Anonymous Coward on Thursday November 17 2022, @06:23PM
Classifying Gitmo prisoners as non-enemy combatants allowed us to forgo the protections of the Geneva convention. To expect anyone not in a uniform to adhere to its restrictions without those protections would seem a bit silly in that light, no? Reading the accounts of torture at CIA black sites and "non-torture" legally sanctioned "interrogation techniques" has shaped my opinion on war crimes in a dark way. If I'm ever fighting my government, I have no expectation to give or receive humane treatment.
(Score: 2, Insightful) by Anonymous Coward on Wednesday November 16 2022, @07:06PM
Fairly sure the Russian psychopath targeting dams, schools and residential buildings in Ukraine won't be too concerned about damaging his reputation as a humanitarian.
(Score: 4, Informative) by pTamok on Wednesday November 16 2022, @09:34PM
I recommend reading the comments on Bruce Schneier's blog entry.
Schneier on Security: A Digital Red Cross [schneier.com]
One of the comments: "Sociopaths don't care." But there is plenty of thoughtful and though-provoking meat in the comments, by seasoned, and world-weary, security people.