Cyber threats and data breaches are in the news each and every week. And, just like small businesses and large corporations, community organizations are also vulnerable to these types of cyber risks and attacks. While big-name breaches most often make the headlines, community organizations should not ignore that they can also be targeted and exploited.
It’s not uncommon for community organizations to have low-tech systems and inadequate cybersecurity protocols. In addition, cybercriminals are interested in accessing the organization’s network to potentially steal funds or access personal data like banking information and social security numbers of associated members.
1. Ransomware
Ransomware is a form of malware that encrypts files. Many hackers send fraudulent emails and when the link is clicked, the ransomware is downloaded onto the computer and potentially spreads through the network. Once the files and data are encrypted, the hacker demands a ransom be paid to release access to the files.
2. Social Engineering
The goal of social engineering is to trick individuals into divulging their personal information. A common method used by social engineers is called phishing. Engineers disguise themselves as authoritative figures, like representatives of the US Social Security Administration, who requests information, and many individuals feel obligated to provide it.
3. Email Hacking
Email hacking happens when a hacker gains access to an email account that belongs to an employee or board member of a community organization. Then, the hacker poses as the employee or board member to send emails in an effort to access money or sensitive information.
4. Remote Work
The increase in remote work adds another layer of vulnerability to community organizations. Employees, volunteers, and board members using less-secure internet networks are easy targets for cybercriminals. One quick click can download a virus and send it to everyone in that individual’s contact list.
What can community organizations do to protect themselves and the communities they serve?
- Utilize strong passwords that are longer than 8 characters and a combination of uppercase and lowercase letters, numbers, and special characters
- Develop and execute cyber security protocols, including training and written guidelines
- Implement multi-factor authentication to verify identities more effectively
- Evaluate cyber insurance policies regularly to understand and compare coverage options
The best defense for community associations against cybercrimes is a comprehensive approach to security. A combination of awareness, prevention, and planning can be the key to avoiding or effectively rebounding from a cyberattack.
