Cyber criminals see charities as easy targets
By Asavin Wattanajantra,
Non-profit organisations such as charities are an easier target for cyber criminals than commercial businesses, due to their lack of resources.
So claims Imperva's chief technology officer Amichai Shulman, who discussed the threat in an interview with IT PRO.
He said that non-profits often held sensitive information on donors such as credit card transactions, yet much of the time didn’t have the IT resources of commercial organisations, as they have less budget.
In addition, work done on non-profit applications was often done voluntarily, which meant that they were potentially not as robust.
“There is an assumption that it will be easier to penetrate their applications and networks,” Shulman said.
TechSoup Global, a San Francisco non-profit looking to help other charities with technology, found out a year ago that it was suffering application-level attacks on its website, which was connected to back office systems used for receiving donations.
“We had a little bit of a breach from a SQL injection attack, and it brought our systems down,” said TechSoup senior director Richard Collins. “It took about three days to get our systems back up and running.”
Collins said there was no question that criminals would see charities as “soft targets”, agreeing with Shulman that they traditionally had less money to spend on infrastructure and IT operations.
“The big banks and those companies have money to put into security, and over the last few years they have put in a lot of money and effort in protecting themselves,” Collins said.
“[Non-profits] haven’t been able to do that. It’s a resource issue. I don’t have anybody specific working on security,” he added.
He said non-profit organisations like TechSoup needed to take on board industry best practice, such as knowing what to do with data and how to handle it, and making sure everybody in its IT department was operating with security in mind.
Sponsored Links
advertisement
Latest Public Sector Analysis & Insight
Striving to solve the security skills crisis
The Cyber Security Challenge is doing a fine job, but flat registration growth and weak Government funding are cause for concern, Tom Brewster discovers.
- 2011: The year in news
- Are the cookie laws crumbling already?
- UK rural broadband: too little, and too late
- How the Data Protection Act's death will punish the UK economy
- Education: glad to be a geek
- Plugging public sector data leaks
- Going for Gold - IT at the London Olympics
- Fujitsu: out to steal HP market share
- What will Windows Mango mean for business?
Latest Public Sector Reviews
HTC Flyer review: First Look
- HP TouchPad review: First Look
- RIM BlackBerry PlayBook review - First Look
- MWC 2011: Acer Iconia A100 and A500 reviews – first look videos
- MWC 2011: HP TouchPad review - first look video
- MWC 2011: RIM BlackBerry PlayBook review - first look video
- MWC 2011: HP Pre3 review - first look video
- MWC 2011: Motorola Pro review - first look video
- MWC 2011: HTC Flyer tablet review - first look video
- MWC 2011: Samsung Galaxy Tab 10.1 review – first look video
advertisement
Most popular
- Google releases Chrome for Android beta
- Will someone rid me of these troublesome Macs?
- OneNote hits Google?s Android
- BlackBerry Bold 9790 review
- Google sends in Bouncer to sort out malicious apps
- Ubuntu vs. Windows 7 on the business desktop
- Who to trust after the VeriSign hack?
- Head to Head: Mac OS X 10.7 Lion vs Windows 7
- ACTA: the basics, the controversies, and the future
- BT considering Ofcom price cap appeal
Latest News Videos in Public Sector
Q&A: David Elton, PA Consulting Group
PlayCIOs are increasingly influential, but have to juggle "dual roles", study finds.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
