The internet is a powerful tool that allows charities to reach and inspire millions of supporters. However, this accessibility comes with significant challenges, as charities are not immune to cybercrime. In fact, the number of cyber attacks on charities is alarmingly high.

Main Cyber Threats for Charities in 2024

  1. Phishing
    • Cybercriminals trick staff or volunteers into revealing sensitive information or clicking malicious links.
    • Tip: Verify the sender’s email address and graphics before clicking any links. Contact the sender separately if in doubt.
  2. DDoS (Distributed Denial-of-Service) Attacks
    • These attacks overwhelm websites with traffic, making them inaccessible to genuine supporters.
    • Tip: Look out for slow load times or site inaccessibility and notify your website manager if you suspect an attack.
  3. Ransomware
    • Cybercriminals encrypt your data and demand a ransom to unlock it.
    • Tip: Disconnect affected devices from your network, report the incident to the police and NCSC, and notify the ICO of any data breaches.

Emerging Cyber Threats

  1. Vishing and Smishing
    • Vishing uses voice replicators to impersonate someone in your organization. Smishing uses SMS to mimic team members.
    • Tip: Verify requests by calling the person back using known contact details.
  2. Supply Chain Attacks
    • Cybercriminals exploit software or website vulnerabilities to access your systems via suppliers.
    • Tip: Regularly review and secure your supply chain.


Protecting Your Charity from Cybercrime

  1. Implement Cybersecurity Best Practices
    • Regularly update passwords and use strong combinations.
    • Implement Multi-Factor Authentication (MFA) with IT support.
  2. Staff Training
    • Educate your team on recognizing and avoiding cyber threats.
    • Utilize resources like phishing simulation exercises and bulletins.
  3. Backup Your Systems
    • Regularly back up data to a separate location to restore key information if attacked.
  4. Build an Incident Response Plan
    • Develop a step-by-step process for emergencies, including notification protocols.
  5. Arrange Cyber Insurance
    • Cyber cover is essential for all charities, helping manage the aftermath of an attack. Ensure compliance with security conditions to guarantee coverage.

By implementing these strategies, charities can better protect themselves from the evolving landscape of cyber threats and ensure they continue to operate securely and effectively.


Source: Rapid7


<a href="" target="_blank">Péter Szöllősi</a>

Péter Szöllősi


Peter has been the Head of Offensive Security at Black Cell for five years, where he manages the pentester team responsible for providing high-quality ethical hacking services to clients to enhance their security posture. He also contributes to the maintenance and improvement of Black Cell’s security posture with internal and external audits.

Related Posts

Share This