World Humanitarian Day: Safeguarding NGOs against cyberattacks

CyberPeace Institute

Humanitarian organizations provide critical services to those most in need of assistance, especially people living in areas of conflict or natural disaster. These organizations are also frequent targets of cyberattacks and often have limited capacity to respond. Their cybersecurity is crucial for the people who depend on them.

The CyberPeace Institute works with humanitarian NGOs #RealLifeHeroes to build their capabilities and protect their operations, data and resources in an increasingly complex digital environment. This World Humanitarian Day, we celebrate the leaders who recognize the importance of safeguarding against cyberattacks and allocate resources to meet the mounting threat that these attacks pose.

Recognizing the Threat

When humanitarian NGOs are attacked, people who were already vulnerable are placed at even greater risk. 

In January 2022, the International Committee of the Red Cross (ICRC) suffered a data breach that impacted 515,000 persons at risk, including refugees fleeing war zones. Two years ago, a demining NGO called Roots of Peace, that was active in Afghanistan, had over $1.3M stolen by cyber criminals. And US-based hunger relief group Philabundance had their operations paralyzed in 2020 by encryptions that prevented them from providing care to children. People who help people, in and out of conflict zones, are increasingly targeted online by malicious actors who do not shy away from monetizing vulnerability. 

Humanitarian organizations implement robust plans to protect their staff from physical threats. However, the pace of digital transformation and the limited financial resources available to secure their information and communications technologies and systems can put them at risk from cyber incidents. Technology is a double-edged sword: opening new opportunities for efficiency while simultaneously presenting new access points for potential attackers.

These organizations are at a stark disadvantage because their ICT budgets are limited and often dependent on donors. State-sponsored actors, organized cyber criminal groups and hacktivists test NGOs’ ability to respond to these attacks and limit their capacity to protect vulnerable groups.

Unfortunately, real-world humanitarian tactics don’t transfer well in cyberspace. Outside of the digital field, NGOs are able to negotiate ceasefires, use humanitarian corridors to reduce risk for staff and populations in need, and identify other aid workers. But, in cyberspace, their skills, expertise and defenses are less robust. 

Despite these circumstances, humanitarian organizations continue to act often where no one else can. 

Work of CyberPeace Builders

The CyberPeace Institute has witnessed a growing awareness amongst NGOs of the digital threats they face through the CyberPeace Builders, a network of over 70 humanitarian organizations seeking to empower themselves through the adoption of cyber preparedness and defensive tactics. Many are introducing, within their headquarters and amongst their field staff, training and simulated phishing campaigns. And some are even organizing monthly competitions to reward those who report phishing attempts.

Many NGOs are recognizing the importance of audits and mapping their assets and identifying digital vulnerabilities. Some are organizing penetration testing (pentests) to evaluate the security of their systems – almost half of all NGOs the Institute works with have already done a first security assessment. The Institute is seeing newly-created NGOs being mindful of the threat environment and asking for help from secure code auditors and data protection experts before releasing digital products. Some NGOs in the CyberPeace Builders network are ISO 27001 certified – the international standard on how to manage information security – and actively working on their certification renewal, indicating a strong commitment to cybersecurity. 

Some NGOs are seeking advice from the CyberPeace Builders volunteers on cybersecurity insurances to transfer some risks considered too expensive to mitigate, suggesting the existence of a risk management strategy. In addition, some NGOs in Geneva and in the US are hiring Managed Security Service Providers (MSSPs), just like small and medium-sized enterprises (SMEs) do, to leverage discounted or free security products.

While NGOs have much more progress to make, acknowledging the very real threats posed to them and developing cybersecurity practices suggests a more optimistic future. 

Who We Are

The CyberPeace Institute was established in November 2019 at the beginning of the COVID-19 pandemic. Witnessing first-hand the intensity of cyberattacks on vulnerable communities, the Institute developed tangible solutions to assist and support humanitarian NGOs and the healthcare sector

The Institute calls for greater protection from cyberattacks for the humanitarian sector, recognizing the increasingly digital nature of humanitarian response and the harm that can be caused to people already made vulnerable by conflict, violence and disaster.

The CyberPeace Builder’s program assists NGOs to build cybersecurity capacity through a trusted and dedicated network of corporate partners who provide volunteers & funding to enable the provision of this support.

If you are interested in supporting the CyberPeace Builders or in receiving this support, please reach out to [email protected]

© Copyright 2023: The concepts and information contained in this document are the property of the CyberPeace Institute, an independent non-governmental organization headquartered in Geneva, unless indicated otherwise from time to time throughout the document. This document may be reproduced, in whole or in part, provided that the CyberPeace Institute is referenced as author and copyright holder.


Support the CyberPeace Institute

Individual lives can be changed dramatically by the acts of cyber criminals. We need your support to assist victims of cyberattacks in the NGO, humanitarian and healthcare sectors.


Subscribe to our newsletter

Receive monthly news on what’s happening at the Institute: our impact, publications, events and important milestones.