
WannaCry and ransomware: how to keep your charity safe

Following the global damage wrought by the WannaCry ransomware attack, the Charity Commission has published an alert advising how charities can be protected from the threat.

In issuing its regulatory advice under section 15(2) of the Charities Act 2011, the Commission acknowledges that charities could also be at risk from this attack. It urges charity staff and trustees to be vigilant.

Specifically, the Commission, the independent regulator for charities in England and Wales, advises all charities to follow protection advice recently issued by the City of London Police and National Cyber Security Centre (NCSC).

What to do

The key protection messages from the Charity Commission are:

  • Install system updates on all devices as soon as they become available
  • Install anti-virus software on all devices and keep it updated
  • Create regular backups of your important/business critical files to a device that is not left connected to your network, as any malware infection could be spread to that too
  • Do not meet any stated demands or pay a ransom – payment may be requested in the cryptocurrency Bitcoin

For technical guidance, including specific software patches, the Commission recommends charities consult the National Cyber Security Centre. The site also contains in-depth technical guidance on how to protect an organisation from ransomware.

Phishing and smishing

The Commission goes on to advise that other fraudsters might attempt to exploit this incident by targeting charities via phishing or smishing (SMS phishing) campaigns.

It therefore advises charities to be cautious if they receive any unsolicited communications from the NHS. The NHS is one of the organisations most affected by the WannaCry ransomware attack in the UK, although organisations and individuals in over 150 countries have also been affected.

In this regard the Commission advises charities:

  • Any email address can be spoofed. Do not open attachments or click on the links within any unsolicited emails you receive, and never respond to emails that ask for personal/charity information or financial details
  • The sender’s name and number in a text message can be spoofed, so even if the message appears to be from an organisation you know of, continue to exercise caution, particularly if the texts are asking you to click on a link or call a number.

How charities should report cyber-attacks

Staff and trustees who think that their charity has been compromised or affected by a cyber-attack should report it to Action Fraud by calling 0300 123 2040. 

Trustees are advised also to report suspected or known fraud incidents to the Charity Commission.

Serious incident reporting helps the Commission gauge the volume and impact of incidents within charities and understand the risks facing the sector as a whole.

Harvey Grenville, Head of Investigations and Enforcement at the Charity Commission said: “Charities need to be aware of the imminent danger posed by ransomware threats and take appropriate steps to protect their charity from cyber-attack – a charity’s valuable assets and good reputation can be put at risk from these dangerous scams.

“I urge all charities, if they suspect they may have fallen victim to cyber fraud, to report it immediately to Action Fraud and to the Commission, under its serious incident reporting regime.”

Charities can also visit Charities Against Fraud for advice and tips on protection against cyber-fraud.




Howard Lake is a digital fundraising entrepreneur. Publisher of UK Fundraising, the world's first web resource for professional fundraisers, since 1994. Trainer and consultant in digital fundraising. Founder of Fundraising Camp and co-founder of Research massive growth in giving.
