More than three-quarters of larger charities have been targeted by cyber criminals over the past year, according to government data released today.
The government’s latest Cyber Security Breaches Survey shows that 62 per cent of charities with annual incomes of £500,000 or more reported having any kind of cyber security breach or attack in the year to March 2022, rising to 76 per cent among charities with an income of £5m or more.
The data shows that 30 per cent of all charities said they had been targeted by cyber criminals in the past year.
Charities are less likely to be affected than businesses, although the number of businesses targeted has fallen from 46 per cent in 2018 to 39 per cent over the past year.
The majority of charities said the only type of cyber crime they experienced last year was through phishing emails trying to direct the user to fraudulent websites, although 10 per cent suffered much more serious malware attacks.
About a quarter of charities said they faced some form of cyber crime at least once a week.
Four in 10 charities said they sought external advice on their cyber security in 2021/22, and 9 per cent said a cyber attack had left them temporarily unable to access their files or networks.
The mean average cost to a charity hit by a cyber attack was £300, according to the data, which is based on responses from 424 UK charities and more than 1,200 UK businesses.
Four in 10 charities have a policy not to pay a ransom in the event of a malware attack taking over their computer systems, while another 27 per cent said they did not know what policy, if any, was in place.