Regulator issues warning of 'imminent danger' from cyber attacks

The Charity Commission is urging all charities to follow advice from the City of London Police and the National Cyber Security Centre

Beware of cyber attack
Beware of cyber attack

The Charity Commission has warned charities to be aware of the "imminent danger" posed by the recent cyber attacks, which have severely affected hundreds of thousands of organisations worldwide, including the NHS.

More than 200,000 organisations in 150 countries have been affected by the WannaCry ransomware attack, which locks affected machines and demands a payment in order for them to be released.

The regulator said in a statement today that it was encouraging all charities to follow protection advice issued by the City of London Police and the National Cyber Security Centre.

Its key messages are:

Install system updates on all devices as soon as they become available;

Install anti-virus software on all devices and keep it updated;

Create regular backups of your important/business-critical files to a device that is not left connected to your network because any infection could be spread to that too;

Do not meet any stated demands or pay a ransom.

The commission also warned charities to be aware of emails that might appear to be from NHS sources, because they could be malicious.

It said email addresses could be spoofed and advised people not to open any attachments or click on links in unsolicited emails, even if they appear to be from a reputable source.

Further guidance from the NCSC can be found here. Harvey Grenville, head of investigations and enforcement at the Charity Commission, said:

"Charities need to be aware of the imminent danger posed by ransomware threats and take appropriate steps to protect themselves from cyber attack. A charity's valuable assets and good reputation can be put at risk by these dangerous scams."

He said any charities that suspect they might have fallen victim to cyber fraud should report it to the regulator using its serious incident reporting procedure and the reporting service Action Fraud.

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in
RSS Feed

Third Sector Insight

Sponsored webcasts, surveys and expert reports from Third Sector partners