Mozilla to Firefox users: Here's how we're protecting you from code injection attacks

Mozilla to Firefox users: Here’s how we’re protecting you from code injection attacks

Mozilla cleans up Firefox to cut risk of code injection attacks and deter use of a dangerous JavaScript function Firefox-maker Mozilla has detailed its recent efforts to harden the browser against code injection attacks. That hardening work has focused on removing "potentially dangerous artifacts" in
/
Microsoft to use AI to filter game chat

Microsoft to use AI to filter game chat

Microsoft is turning to AI and machine learning to let Xbox gamers filter the language they see in text messages. It is introducing customisable filters that let gamers choose the vocabulary they see in messages from friends and rival players. The four levels of filtering
/
Protect Your Small Business

Why Nonprofits Might Be at Higher Risk for Cyberattacks

Cyberattacks On Nonprofits

Today’s society is one where any organization operating online is theoretically at risk for cyberattacks.

Such incidents could tarnish reputations, result in profit and data losses and even get so severe that they force the attacked organizations to shut down due to the damage caused. Nonprofit companies are not at a reduced risk of hacks. On the other hand, they may face an elevated risk for numerous reasons.

Nonprofits Are Not Adequately Prepared for Hacks

A 2016 survey found that 66 percent of the nonprofits polled did not plan to increase their data security spending. Moreover, nearly half of the respondents had not assessed their online risk factors in the past year.

Also, nonprofits often don’t adequately gauge the costs of having to temporarily shut down due to cyberattacks. If their websites get taken offline, people can’t find them in Google searches, and individuals may hesitate to donate money after hearing about vulnerabilities.

Nonprofits may also get caught in the tricky situation of deciding whether to give into hackers’ demands to get their files back in the case of a ransomware attack. If they decide to pay money in hopes of receiving the records, the costs likely cause financial burdens. Or, they may lose time and productivity by restoring lost files.

Nonprofits May Not Feel Compelled to Put Their Funds Towards Cybersecurity

Data from the 2016 NetDiligence Cyber Claims study found the average number of records seized in a nonprofit cyberattack was more than 12,000. That statistic shows if nonprofits believe that hackers will not do significant damage during an attack, or worse, are under the impression that cybercriminals won’t target them, they may face a surprise.

However, many nonprofits are cash-strapped and want to do everything they can to fulfill the missions of their organizations. Such a mindset means cybersecurity may not fit into the equation when they figure out their budgets for the year.

The Nonprofit Finance Fund’s 2018 State of the Nonprofit Sector Survey also revealed only 26 percent of nonprofits achieved break-even financing in 2017. It also showed a growing uncertainty about being able to meet the needs of service users this year. Both of those things suggest nonprofits may not feel encouraged to invest in cybersecurity before it’s too late.

Nonprofits Often Struggle to Meet Human Resource Needs

Nonprofits frequently operate with bare-bones teams, and they may not have on-site IT team members. On a positive note, some vendors that cater to the nonprofit sector offer secure software options that meet needs such as volunteer management. If nonprofits cannot afford to hire full-time IT experts, the next best thing is to keep their software updated and choose vendors that prioritize security.

Outsourcing is another possibility that could fill the void for IT experts at nonprofits. In any case, the lack of staffing means that people often fill many roles. And, if they need to engage in a team effort to recover data or otherwise get back on track after a cyber incident, it’s not difficult to imagine how an already-busy team could get even more swamped during the aftermath.

When Little Red Door, a nonprofit from Indiana, got hacked, one of the people who helped resume operations afterward was going through chemotherapy for breast cancer while assisting with the file recovery process. She kept up a cheerful attitude during the ordeal but personified the hard work involved in coming back from a hack.

Nonprofits Do Not Believe They Have Valuable Data

Another pervasive myth in the nonprofit sector is that nonprofits do not have any information hackers would want. However, consider that since they accept donations, most nonprofits likely have credit card information kept on file. Statistics indicate that credit card information could sell on the dark web for more than $100.

Also, even if hackers get less-valuable information such as emails, they could bombard their victims with advertising, phishing attempts and other kinds of unwanted emails. The simple but dangerous belief that a nonprofit organization does not have information useful to hackers could raise the threat of a cyberattack, mainly if groups do not know best practices for keeping their data safe.

It’s Time for a Changed Mindset

The points above are not the only reasons why nonprofits are often at a higher-than-average risk for being hit by cybercriminals. But, they highlight how nonprofits frequently have assumptions that don’t match what statistics show. Then, those faulty conclusions could leave organizations reeling after hackers orchestrate attacks.

Nonprofit representatives must take action to alter their mindsets and realize that now is the time to focus on cybersecurity throughout organizations. Only then can such groups make substantial progress for keeping hackers at bay.

By Kayla Matthews

  • Articles
Kayla Matthews Contributor
Technology Writer

Kayla Matthews is a technology writer dedicated to exploring issues related to the Cloud, Cybersecurity, IoT and the use of tech in daily life.

Her work can be seen on such sites as The Huffington Post, MakeUseOf, and VMBlog. You can read more from Kayla on her personal website, Productivity Bytes.

follow me
How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove ...
How Can We Use Artificial Intelligence When We Can't Handle Real Intelligence?

How Can We Use Artificial Intelligence When We Can’t Handle Real Intelligence?

Artificial Versus Real Intelligence In this article we will be discussing the pitfalls of societal disillusionment with facts, and how this trend may become troubling ...
The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which cloud" is now the center ...
Safeguarding Data Before Disaster Strikes

Safeguarding Data Before Disaster Strikes

Safeguarding Data  Online data backup is one of the best methods for businesses of all sizes to replicate their data and protect against data loss ...
Michela Menting

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been ...
It Programs Compressor