Charities Falling Victim To Cybercrime

IT people at charity organisations are growing concerned that their computer systems are out of date and less secure than they need to be. One of the US best-known charities says it was the victim of a cyber scam last year that cost the company $1 million.

Save the Children Federation, which conducts charity operations in countries across the world, told the Boston Globe that hackers gained entry into an employee's email account. 

The hackers then used fake invoices and other means to fraudulently direct about $1 million to a fraudulent entity based in Japan. By the time the attack was discovered, it was reportedly too late to stop the money transfer, disguised as payments for solar panels to be installed on health centers in Pakistan.

The organisation reported that in the months following the attack, Save the Children managed to recoup all but $112,000 of the losses through insurance claims, and has since adopted practices to guard against such scams and hacking attempts.

“We have improved our security measures to help ensure this does not happen again,” the group's said CFO Stacy Brandom. “Fortunately, through insurance, we were ultimately reimbursed for most of the funds.”

A separate hacking attack resulted in the charity mistakenly sending $9,210 to hackers after one of the charity's vendors was the victim of a cyberattack. That money was also recouped via insurance claims. 

Cyberattacks have become commonplace in the US, with a Gallup poll released this week finding that one in four Americans have been affected by a cyber-attack in some way. Americans are now nearly 10 percentage points more likely to be affected by cybercrime than by physical theft of property, according to Gallup.

The Hill:     Boston Globe:       Image: Nick Youngson

You Might Also Read:

A Guide To Preventing Charity Cybercrime:

 

 

 

« Microsoft In A Fight To Stop Cyber War
Startups Can Differentiate By Doing Cybersecurity Right From Day One »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Tanium

Tanium

Tanium is an endpoint security and systems management company.

ManageEngine

ManageEngine

ManageEngine offers a suite of IT management software for all operations from networks and servers to applications, service desk, Active Directory, security, desktops, and mobile devices.

CERT.at

CERT.at

CERT.at is the Austrian national Computer Emergency Response Team.

Willis Towers Watson

Willis Towers Watson

Willis Towers Watson is a global risk management, insurance brokerage and advisory company. Services offered include Cyber Risks insurance.

DEFCON Cyber

DEFCON Cyber

DEFCON CYBER is a solution that seamlessly molds a new, or existing, cybersecurity program into a highly effective risk management operation.

PECB

PECB

PECB is a certification body for persons, management systems, and products on a wide range of international standards in a range of areas including Information Security and Risk Management.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

AimBrain

AimBrain

AimBrain tools detect and prevent fraud, faster and more accurately than ever before.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

Adaptive Shield

Adaptive Shield

Addaptive Shield - Complete Control For Your SaaS Security. Proactively find and fix weaknesses across your SaaS platforms.

BlueSwarm

BlueSwarm

With a team spanning over 4 continents, Blueswarm helps protect customers from nefarious cyber attackers.

SystemExperts

SystemExperts

SystemExperts is a premier provider of IT compliance and cyber security consulting services.

Sentinel

Sentinel

Sentinel works with governments, media and defence agencies to help protect democracies from disinformation campaigns by developing a state-of-the-art AI detection platform.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Venustech

Venustech

Venustech is a leading provider of network security products, trusted security management platforms, specialized security services and solutions.

Gatefy

Gatefy

Getfy is a cybersecurity company specialized in artificial intelligence and machine learning. We work to solve challenging issues, especially those involving email security.