The Charity Commission has warned charities to be aware of the "imminent danger" posed by the recent cyber attacks, which have severely affected hundreds of thousands of organisations worldwide, including the NHS.
More than 200,000 organisations in 150 countries have been affected by the WannaCry ransomware attack, which locks affected machines and demands a payment in order for them to be released.
The regulator said in a statement today that it was encouraging all charities to follow protection advice issued by the City of London Police and the National Cyber Security Centre.
Its key messages are:
Install system updates on all devices as soon as they become available;
Install anti-virus software on all devices and keep it updated;
Create regular backups of your important/business-critical files to a device that is not left connected to your network because any infection could be spread to that too;
Do not meet any stated demands or pay a ransom.
The commission also warned charities to be aware of emails that might appear to be from NHS sources, because they could be malicious.
It said email addresses could be spoofed and advised people not to open any attachments or click on links in unsolicited emails, even if they appear to be from a reputable source.
Further guidance from the NCSC can be found here. Harvey Grenville, head of investigations and enforcement at the Charity Commission, said:
"Charities need to be aware of the imminent danger posed by ransomware threats and take appropriate steps to protect themselves from cyber attack. A charity's valuable assets and good reputation can be put at risk by these dangerous scams."
He said any charities that suspect they might have fallen victim to cyber fraud should report it to the regulator using its serious incident reporting procedure and the reporting service Action Fraud.