UK Government to provide advice to thwart 'devastating' cyber attacks on small charities

09/03/2018 News Team

Devious tricks to defraud small charities through online attacks have been exposed in the first ever threat assessment for the sector, along with guidance about how to defend against possible risks.

The work by the National Cyber Security Centre (NCSC), a part of GCHQ, will give the sector more help than ever before to defend itself from the most common cyber attacks.

There are almost 200,000 charities registered in the UK and the NCSC’s Cyber Threat Assessment reveals how their valuable funds, supporter details and information on beneficiaries is being targeted.

Alongside the assessment, the NCSC has also published the Small Charity Guide to outline easy and low-cost steps to protect from attacks. It includes expert advice that is particularly useful for small organisations on backing-up data, using strong passwords, protecting against malware, keeping devices safe and avoiding phishing attacks.

Writing in the foreword to the Small Charity Guide, NCSC chief executive, Ciaran Martin said: “I am extremely proud to present this cyber security guide for charities, who are increasingly reliant on IT and technology and are falling victim to a range of malicious cyber activity.

“The National Cyber Security Centre aims to make the UK the safest place to live and work online. We are committed to supporting the charity sector and we encourage you all to implement the quick and easy steps outlined in this guide.”

The report finds that cyber criminals motivated by financial gain are likely to pose the most serious threat, which could have a paralysing effect on a small charity’s ability to deliver their services. One example listed details how a UK charity lost £13,000 after its chief executive’s emails were hacked to send a fraudulent message instructing their financial manager to release the funds.

The assessment notes that the scale of cyber attacks against charities is unclear due to under-reporting and charities are being urged to report such crimes to Action Fraud and the Charity Commission.

Charities have also been encouraged to join the NCSC’s free Cyber Information Sharing Platform (CiSP) to exchange threat information in a secure and confidential environment.

The assessment and report have been well received by the sector, with heads of influential bodies praising the NCSC’s work.

Helen Stephenson, chief executive of the Charity Commission for England and Wales, added: “Charities play a vital role in our society and so the diversion of charitable funds or assets via cyber crime for criminal purposes or personal gain is particularly damaging and shocking.

“The threat assessment confirms what we often see in our casework -  unfortunately charities are not immune to fraud and cyber crime, and there are factors that can sometimes increase their vulnerability such as a lack of digital expertise, limited resources and culture of trust.

“We fully endorse the National Cyber Security Centre’s guide on cyber security for charities. This will be a valuable resource to help charities protect their work, beneficiaries, funds and reputations from harm and we encourage charities of all sizes to make use of it.”

Share with Linkedin Share with Twitter

Poor   Average   Good   Excellent