The regulator has urged charities to be vigilant in the wake of a ransomware attack that has affected more than 200,000 organisations worldwide across a variety of sectors.
The Charity Commission has urged charities to follow protection advice issued by the City of London Police and National Cyber Security Centre after the “WannaCry” cyber-attack reached organisations, including the NHS, in around 150 countries.
Charities have been encouraged to install system updates on all devices as soon as they become available, and ensure up-to-date anti-virus software is installed on all devices.
The advice recommends regularly backing up all important files to a device kept offline, and to reject ransom demands from hackers.
NCSC technical guidance outlines specific software patches that will prevent computers becoming infected with the “WannaCry” ransomware. Additional in-depth technical guidance on how to protect against ransomware can also be found here.
Charities have also been warned that fraudsters may seek to capitalise on the WannaCry attack by launching phishing campaigns. The commission warned that email addresses and contact details can be spoofed, so charities should exercise caution should they receive unsolicited emails or text messages.
Charity Commission head of investigations and enforcement Harvey Grenville said charities must be vigilant, as cyber-attacks and associated scams can put a charities assets and/or reputation at risk.
"Charities need to be aware of the imminent danger posed by ransomware threats and take appropriate steps to protect their charity,” Grenville said. “I urge all charities, if they suspect they may have fallen victim to cyber fraud, to report it immediately to Action Fraud and to the commission, under its serious incident reporting regime.”
Charities who suspect they have been affected are urged to report it to Action Fraud by calling 0300 123 2040, or visiting wwwactionfraud.police.uk..
