Is Your Nonprofit at Risk? Here’s What You Need to Know About Cyberattacks

nonprofit at risk to cyberthreats

Since the COVID-19 pandemic started back in 2020, we have seen several cybersecurity professionals banding together to form cybersecurity defense groups, focusing primarily on providing free protection to healthcare nonprofits, for-profit organizations, and the critical infrastructure that is needed to combat security threats. An example of such a group is the CTI League. They’re a volunteer group of cybersecurity experts dedicated to defending and neutralizing cyberattacks targeting the healthcare industry.

Groups like the CTI League are of extreme importance, even in 2022. A recent survey by IBM, for example, indicated that there has been a significant increase in COVID-19 related spam. Common attacks that we have seen here at Makaye infoSec include phishing emails, ransomware, malicious domains, and denial-of-service attacks. Ill-intended users continue to capitalize on the current situation to steal data, make money, and compromise nonprofit operations.

The last-minute shift that organizations had to make to remote work back in 2020 opened new loopholes for cybercriminals to exploit, resulting in a significant increase in cyberattacks. The most prominent attack happened in October of 2021, after an unauthorized user gained access to Planned Parenthood LA’s networks and 400,000 records. The information that cybercriminals accessed had personal details such as home addresses, Social Security Numbers, dates of birth, and medical information related to procedures and prescriptions. While there is no evidence that this information has been used for fraudulent purposes, patients were notified and advised to review their health insurance statements to identify any suspicious activity.

What are some common cyberattacks on nonprofits?

Malware

nonprofit at risk to cyberthreats

Malware is malicious software that infects, provides attackers remote control access to your devices, and steals your network’s data. While the most talked-about type of malware is ransomware, there are other types:

Spyware – It’s a type of malware that collects information about the user and communicates it to the cybercriminal.

Trojans – These are malicious software disguised as legitimate ones. Inadvertent users end up falling victim to these attacks when they download software and applications from unverified sources. Remember to always verify the provider and run a malware scan when you download an app.

Malvertising – These are malware combined with advertisements. When the user clicks on an infected ad, the malware automatically spreads into the device and the network.

Man in the middle attack

nonprofit at risk to cyberthreats

A man in the middle (MITM) attack occurs when an ill-intended user positions themselves between a user and an application with the purpose of stealing personal information such as credentials and financial data. 

Denial-of-Service attack

nonprofit at risk to cyberthreats

A denial-of-service (DoS) attack occurs when an ill-intended user interrupts a device or system’s normal functioning. This type of cyberattack overwhelms a target device with an unusual amount of traffic, making the server slows down and eventually stop working, resulting in a denial of service to other users. For nonprofits, the immediate effects are a lack of access to records and files, making operations impossible.

Is your nonprofit at risk? Take a look at these resources that might help you step up your cybersecurity game:

Learn how this guide to cybersecurity for nonprofits can support your mission and operations.

This cybersecurity checklist will help you understand if your nonprofit is at risk. Use them as a starting point in your next cybersecurity meeting.

This whitepaper will help you understand what are the main differences between IT and InfoSec professionals.

Understand if your nonprofit is at risk. The knowledge gained through this assessment will help guide the decisions that will need to be made to improve your security and align your risk with acceptable tolerance levels.

Is your nonprofit at risk t? In case you need a team of experienced cybersecurity professionals, Makaye InfoSec is here to help. We provide Nonprofit Cybersecurity solutions.  Schedule a meeting to get started.

cybersecurity services for nonprofits guide

Get in Touch

  • This field is for validation purposes and should be left unchanged.

Archives

Is your organization at risk from cyberthreats?

Find out with our Cybersecurity Checklist for Nonprofits