NCSC: Cybercrime is a major threat to UK charities
The NCSC has released a report, highlighting the sizeable threat of cybercrime on UK charities, encouraging them to take action against criminals and protect themselves from attacks.
As a result of its research, the organisation has released a guide that offers advice for charities to protect themselves against cybercrime. The advisory suggested that charity staff may be more likely to fall victim to attack because they’re generally more trusting, and could be “socially engineered into clicking on ‘dodgy’ links” in emails.
Despite the general misconceptions that charities are immune from cybercrime because they support good causes, they’re just as likely to be hacked as regular businesses because they hold information of interest to criminals, such as contributor payment details and other confidential data.
Charities also deal with large sums of money and if theft occurs, however big or small, it could put the charity’s reputation at risk, potentially discouraging funders from donating more money.
Other sensitive information, such as the details of beneficiaries could be life-threatening. For example, the ex-partner of a domestic violence victim may try and access a system to find their address to track them down, according to the advisory.
The NCSC’s guidance document covers five areas that charities should focus on when rolling out a security strategy, helping them combat cybercrime and protect their assets. They include backing up data regularly, ensuring passwords are as strong as possible, how to protect against malware, prevent falling victim to phishing attacks and keeping devices safe.
The advice has been designed for small charities that are unlikely to have the security resource to implement a large-scale security policy, but is simple to follow, meaning organisations won’t have to hire new staff, which can be time-consuming and costly.