More than a month later, we are starting to know a little more about the attempted computer hacking of the International Criminal Court, this international criminal court based in The Hague and responsible for judging genocides and even war crimes. In a press release, the Court has just explained, in view of the evidence collected to date, that it was the victim of a “targeted and sophisticated attack with the aim of espionage”.
“The attack can therefore be interpreted as a serious attempt to undermine the mandate of the Court,” adds the international judicial institution. It was therefore likely operated by a state actor, and not simple cybercriminals motivated by greed. The affair began on September 19 with a announcement of the International Criminal Court. It had detected abnormal activity on its networks at the end of the previous week, prompting it to take cybersecurity measures.
A suspect, Russia
No potential suspects have been flagged by the International Criminal Court, assisted by Dutch police, the host country, in the investigation. However, all eyes are on Russia. As Le Monde recalls, a Russian national had already attempted to infiltrate the International Criminal Court in April 2022. An almost successful attempt, underlines the Court, to infiltrate a hostile intelligence officer under the cover of an internship request .
Russia also now has a clear motive against the International Criminal Court: to monitor or undermine the authority of this judicial institution. The latter notably issued, in March 2023, an arrest warrant against its president, Vladimir Putin, for the war crime of illegal deportation of the population after the military invasion of Ukraine by Moscow’s troops.
Unspecified operating mode
The attackers’ modus operandi, however, has not yet been clarified by the International Criminal Court. According to Le MagIT, the judicial institution could have been the victim of a recently corrected vulnerability on a Citrix Gateway system, a point which has not been commented on by the International Criminal Court.
The latter, which deplores daily attempts at computer attacks, simply stated that it had taken all necessary measures to remedy any compromise. It also indicates that it has strengthened its risk management framework, to avoid any risk to the security of victims, witnesses or officials of the International Criminal Court. However, the judicial institution is finally expecting new malicious campaigns. This time in the form of disinformation actions aimed at tarnishing its image and attacking its legitimacy.