The dark side of cyberspace: the threat to NGOs and nonprofits

CyberPeace Institute

Recent high-profile ransomware attacks have highlighted the vulnerability of critical pressure points in our energy and food supply chains. We look at the risk to NGOs and ask how they can prepare and defend against the growing proliferation of cyberthreats.

Recent attacks against Colonial Pipeline by the hacking group DarkSide, and against the food giant JBS have exposed the capacity of cyberattacks to cripple crucial infrastructure. NGOs are no stranger to this growing trend, and are often the victim of attacks targeting critical services they offer to vulnerable communities throughout the world. 

As recently as May 2021, New Zealand’s largest volunteer agency in international development, the Volunteer Service Abroad (VSA), was hit by a ransomware attack that encrypted vital information in its data systems, some of which were lost as a result. The VSA refused to pay the ransom and has since recovered from the attack and put measures in place to prevent a recurrence.

The non-profit health provider Scripps Health was taken offline by a security breach in May. A Philadelphia food bank was hit by a US$ 1 million ransomware attack in December 2020 at a time when 5.6 million Americans were dependent on food handouts due to Covid.

Another common scam used against NGOs and non-profits is CEO Fraud. The hybrid method combines spearfishing and identity theft to trick NGOs into making wire transfers. It’s already cost Save the Children US$ 1 million in 2018, and caused Roots of Peace a total loss of US$ 1.3 million in 2020. 

This must be put in parallel to the amount stolen in high-profile attacks like Colonial Pipeline to emphasize that for attackers, going after targets like Roots of Peace is not just easier from a technical standpoint, it yields similarly high payouts at virtually no risk.

The humanitarian sector raises over $30B annually: yet only 1 in 10 NGOs trains its staff regularly on cybersecurity, 3 out of 4 do not monitor their networks and 4 out of 5 do not have any cybersecurity plan.

Cyberpeace must start with the most vulnerable

There can be no cyberpeace in the world if we leave the most vulnerable at threat of cyberattacks. Cyberpeace must start with them. NGOs involved in humanitarian and other actions are heavily dependent on mobile and digital technologies to coordinate and fulfil their missions. They often operate in regions with limited or unreliable infrastructure that can expose them and employees to acute risk of data interception, tracking, or unauthorized access with potentially lethal consequences for volunteers, beneficiaries and other stakeholders. NGOs may also be targets of malicious and politically motivated cyber attacks such as web defacement. These may involve hijacking and misusing their identities and websites to misdirect resources and volunteers and spread malicious misinformation.

As organizations whose primary function is the sourcing and distribution of aid and raising awareness of issues, these actions can have a crippling impact on their ability to function and respond to a crisis.  Such attacks put huge pressure on NGOs’ limited resources. They not only prevent NGOs from fulfilling their missions in the short-term, they can also inflict long-term reputational damage and undermine the confidence in its ability to fulfil its role in current and future crises and emergencies. As a result, donors, sponsors and host nations may cancel their relationship with an NGO and withhold its mandate, resulting in its termination.

Prevention better than the cure

Despite the risks, most cyber attacks exploit known or basic vulnerabilities that can easily be prevented by taking simple precautions. Black hat hacking  is in many respects a sophisticated form of burglary. Just like a break-in, it’s often simple carelessness that lets an intruder in the door. The simplest and most basic precautions can prevent a breach.

The [CyberPeace] Institute’s CyberPeace Builders Programme, offers support and shared resources for NGOs to help them prepare for, prevent and recover from cyber attacks. We look forward to working together and building solutions to combat this growing threat.Please contact us at: [email protected] to learn more.

The CyberPeace Institute is an independent and neutral non governmental organization whose mission is to ensure the rights of people to security, dignity and equity in cyberspace.  The Institute works to reduce the harms from cyberattacks on people’s lives worldwide, and provides assistance to NGO’s working with vulnerable communities.  The Institute analyzes and raises awareness of the societal impact of cyberattacks, how international laws and norms are violated, and advances responsible cyber behaviour and accountability. 

Find out more here

© Copyright 2023: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


Support the CyberPeace Institute

Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


Subscribe to our newsletter

Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.