International Criminal Court hit by new ‘sophisticated’ cyberattack

On Monday, the International Criminal Court (ICC) announced that it’s investigating a new “sophisticated” cyberattack that targeted its systems last week.

In a statement yesterday, the ICC revealed that it had contained a “sophisticated and targeted” cybersecurity incident, which was discovered by systems in place to detect cyberattacks targeting its systems.

“This incident, the second of this type against the ICC in recent years, was swiftly discovered, confirmed and contained, through the Court’s alert and response mechanisms. A Court-wide impact analysis is being carried out, and steps are already being taken to mitigate any effects of the incident,” the ICC said.

“The Court considers it essential to inform the public and its States Parties about such incidents as well as efforts to address them, and calls for continued support in the face of such challenges.”

At the moment, the ICC has yet to provide more information regarding the nature of the cyberattack, its impact on the ICC’s systems, or whether the attackers were able to access or exfiltrate any data or files.

​When asked to provide additional details regarding this incident, spokesperson Fadi El-Adballah told BleepingComputer that the ICC cannot provide further details or information beyond what had been shared in the Monday press release.

September 2023 cybersecurity incident

This is the second cyberattack targeting the ICC in recent years, following the disclosure of another cybersecurity incident in September 2023.

Roughly one month later, the ICC shared more information about the September 2023 incident, stating that its systems had been breached for the purpose of cyber espionage.

“The evidence available thus far indicates a targeted and sophisticated attack with the objective of espionage. The attack can therefore be interpreted as a serious attempt to undermine the Court’s mandate,” the international tribunal said.

The court found no evidence linking the 2023 breach to a specific espionage group, and the impact of the attack remains unclear, with no indication that data entrusted to the ICC was compromised.

The ICC also added at the time that the attack came at a moment of “broader and heightened security concerns for the Court,” including “daily and persistent attempts to attack and disrupt its systems” and an “almost successful attempt to infiltrate a hostile intelligence officer into the Court under the guise of an intern.”

Established in 2002, the ICC is an international tribunal based in The Hague, Netherlands, that investigates and prosecutes serious crimes that affect the international community, such as war crimes, genocide, and crimes against humanity.

For example, in March 2023, it issued an arrest warrant for Russian President Vladimir Putin related to crimes associated with Russia’s invasion of Ukraine, and another one in November for Israeli Prime Minister Benjamin Netanyahu for alleged war crimes during the Palestine conflict.