Written by: Ryan Lee, CEO

Charities are significant targets for cybercriminals

The charitable sector is one of the most extensive globally, a fact often overshadowed by the ‘non-profit’ label associated with charities. The global philanthropy market is reported to be around S$300 billion in the report “Philanthropy Outlook: Reflections on 2021 and a Look Ahead to 2022”, published by Barclays Bank in 2021. In Singapore alone, donations to charities exceeded S$3 billion in 2020, according to the Commission of Charities Annual Report 2021. This misnomer can lead to underestimating the enormous amount of wealth these organisations manage. Given the vast resources within their purview, securing these assets from potential threats is paramount. Regrettably, this is not always the case.

Cybercriminals, with a keen awareness of the immense funds managed by charities, often target these seemingly benign institutions. While it seems intuitive that protecting digital assets and preventing financial fraud would be a priority for charitable organisations, the reality can be quite the contrary. Some charities might operate under the misconception that their altruistic nature and noble intentions render them less likely to be targeted by malicious actors, potentially resulting in an underinvestment in necessary cybersecurity measures. However, cybercriminals’ motivations are rarely influenced by the moral compass of their targets. Instead, the focus is predominantly on exploiting vulnerabilities for financial gain. Thus, charities, like any other business managing significant assets, can find themselves in the crosshairs of these unscrupulous individuals.

How Cyberattacks will affect Charities and what should they do?

Moreover, given charitable operations’ expansive and multifaceted nature, these organizations are ripe with multiple potential entry points for cybercriminals. The diversified portfolio of assets, the vast network of donors, volunteers, and beneficiaries, and the extensive digital footprint all contribute to the increased risk of cyber threats, making robust cyber security measures indispensable.
Charities must perceive cyber security not as an optional extra but as an essential component of their operational infrastructure. Charities must fortify their defences, employ advanced cybersecurity protocols, and remain vigilant against potential threats to safeguard the trust their donors and beneficiaries bestowed upon them and ensure the continuity and efficacy of their noble endeavours. Therefore, the discussion surrounding cybersecurity in charities needs amplification, creating an awareness that transcends the misnomer of ‘non-profit’ and underscores the imperative need for security in the face of rising cyber threats. Fostering a culture of cyber resilience and embedding security into the organisational DNA of charities is not just prudent—it’s a necessity.

Charities can also learn how to implement strategies and tools to prevent cyber attacks with this guide published by Singapore’s National Council of Social Services (NCSS).