International Criminal Court Hit by New Sophisticated Cyber Attack

The International Criminal Court (ICC) has successfully detected and contained a sophisticated cybersecurity incident that targeted the judicial institution late last week. 

This marks the second major cyber attack of this type against the ICC in recent years, highlighting the persistent digital threats facing international judicial bodies. 

Key Takeaways
1. ICC suffered its second sophisticated cyber attack in recent years, detected in late June 2025.
2. Court's security systems successfully detected and contained the targeted attack through alert mechanisms.
3. Comprehensive analysis underway to assess effects on judicial proceedings and confidential materials.
4. ICC seeks continued state support to strengthen cybersecurity for international justice operations.

The Court’s cybersecurity infrastructure and alert mechanisms enabled swift detection and containment of the incident, with comprehensive impact assessments currently underway to evaluate potential system compromises and data exposure risks.

Sophisticated and Targeted Cyberattack

The ICC’s cybersecurity team identified the sophisticated and targeted attack through their advanced threat detection systems and alert response mechanisms. 

According to the Court’s official statement released on June 30, 2025, the incident was “swiftly discovered, confirmed and contained” through established security protocols. 

The attack vector demonstrated advanced persistent threat (APT) characteristics, suggesting the involvement of well-resourced threat actors with specialized capabilities targeting international judicial institutions.

The Court’s incident response team immediately implemented containment procedures to isolate affected systems and prevent lateral movement within the network infrastructure. 

Forensic analysis protocols were activated to examine the attack methodology, potential payload deployment, and system penetration depth. 

The technical response included network segmentation, endpoint isolation, and comprehensive log analysis to map the attack timeline and identify compromised assets.

The implementation of behavioral analytics, network monitoring, and threat intelligence feeds enabled the identification of anomalous activities before significant system compromise could occur.

Ongoing Impact Assessment 

A comprehensive Court-wide impact analysis is currently being conducted to evaluate the full scope of the cyber incident and assess potential risks to sensitive judicial proceedings and confidential case materials. 

The technical assessment involves vulnerability scanning, data integrity verification, and security posture evaluation across all ICC digital infrastructure components.

The ICC’s transparency regarding this cyber incident reflects broader concerns about the targeting of international judicial institutions by sophisticated threat actors. 

Cybersecurity experts note that judicial bodies handling sensitive international cases face elevated risks from state-sponsored advanced persistent threats seeking to disrupt proceedings or access confidential information.

The Court has called for continued support from States Parties to strengthen its cybersecurity capabilities and ensure operational continuity. 

This includes technical assistance, threat intelligence sharing, and financial support for enhanced security infrastructure. 

International cybersecurity frameworks recommend that judicial institutions implement zero-trust architectures, advanced endpoint detection and response (EDR) solutions, and continuous security monitoring to defend against sophisticated cyber threats targeting critical judicial processes.

Investigate live malware behavior, trace every step of an attack, and make faster, smarter security decisions -> Try ANY.RUN now