The Charity Commission, the independent regulator of charities in England and Wales, is issuing this alert to charities as regulatory advice under section 15(2) of the Charities Act 2011.
Charities could be at risk and are urged to be vigilant.
Over 200,000 organisations, including the National Health Service (NHS), in 150 countries have been affected by a recent ransomware attack. The vulnerabilities exploited by the hackers are the same for charities as they are for individuals, public or private sector organisations.
The Charity Commission encourages all charities to follow protection advice recently issued by the City of London Police and National Cyber Security Centre (NCSC).
Key protection messages:
- install system updates on all devices as soon as they become available
- install anti-virus software on all devices and keep it updated
- create regular backups of your important/business critical files to a device that is not left connected to your network, as any malware infection could be spread to that too
- do not meet any stated demands and pay a ransom – this may be requested via Bitcoins (a form of digital or ‘crypto’ currency)
National Cyber Security Centre (NCSC) technical guidance includes specific software patches to use that will prevent infected computers on your network from becoming infected with the ‘WannaCry’ Ransomware.
Additional in-depth technical guidance on how to protect your organisation from ransomware can also be found on the NCSC website.