helping charities helping people

Welcome

You are not signed in. What would you like to do?

×

Manage your account

Hello ! You are signed in. What would you like to do?

Your Account
Tools
×
Cyber Crime - Cyber Crime
Last updated October 2019

A third of cyber crime victims did not report externally

Preventing Charity Cybercrime, published by the Charity Commission, says only 29% of respondents to a survey had reported a cyber crime to the police, a quarter to their bank and 13% to the regulator

A third of charities that were victims of cyber crime did not report it to anyone outside the charity, including the police, their bank or the Charity Commission, according to a report published today by the regulator. The report, Preventing Charity Cybercrime, says only 29% of respondents to a cyber crime survey reported crimes to the police, a quarter to their bank and 13% to the Charity Commission. 32% did not report the cyber crime to anyone outside the charity, the report found.

The findings are based on responses from about 3,300 charities to a survey on cyber crime sent out by the Charity Commission and the Fraud Advisory PanelThe report says that 84% of respondents said they would report cyber crime to the board.

More than two-thirds of charities that had been victims of cyber crime made changes to their IT, training or websites as a result, the report says. The report adds that a third of charities did not know what types of cyber crime they were most vulnerable to.Half of respondents said the board had overall responsibility for cyber security, and 15% said no one at the charity did, with the rest nominating individual trustees, the chief executive, or IT or finance directors.

Researchers found that 58% of charities thought cyber crime was a major risk to the charity sector, with 22% believing charities were more at risk than other organisations. They found that 3% of charities had been victim to a successful cyber attack in the previous two years, but the report says that it is likely that many other attacks had gone undetected.

Phishing and malicious emails accounted for more than half of all cyber crimes, according to the report, followed by hacking and extortion, which made up almost a third of attacks. "Large charities are more likely than smaller charities to be the victim of a cyber crime, with phishing/malicious emails the most common method of attack," the report says. "The high volume of such attacks means that virtually any organisation can fall victim. Smaller charities remain a target."

The report says that charities should take steps to acknowledge the threat of cyber crime, clarify where responsibility for dealing with the issue lies and raise awareness internally of the threat. It also suggests reporting successful cyber crimes to the board and external regulators, and adopting a proactive approach to preventing cyber crime.

Read: Third Sector - A third of sector victims of cyber crime did not report it externally, report says