The Forum Network is a space for experts and thought leaders—from around the world and all parts of society— to discuss and develop solutions now and for the future. It aims to foster the fruitful exchange of expertise and perspectives across fields, and opinions expressed do not necessarily represent the views of the OECD.
NGOs and cyber threats
Non-governmental organisations (NGOs) provide essential support and services to over 1 billion people worldwide, leveraging technology to carry out their activities and manage sensitive data. For example, social media, messaging apps, and collaboration platforms help humanitarian organisations to communicate and coordinate with their teams, partners, and beneficiaries in real-time. NGOs use mobile data collection tools and geographic information system (GIS) mapping to gain insights into community needs. Drones and remote monitoring technologies aid humanitarian organisations in responding to crises and disasters, especially in hard-to-reach areas. Digital payment systems increase aid distribution efficiency and stimulate local economies.
Cyberattacks and information operations aimed at humanitarian and development NGOs are on the rise, with malicious actors relentlessly attacking NGOs in the cyberspace
But NGOs often face resource constraints when it comes to understanding and defending themselves against cyber threats while simultaneously supporting their dedicated communities. Shockingly, only 1 in 10 NGOs provide regular cybersecurity training to their staff, and just 1 in 5 have a cybersecurity plan in place despite managing large amounts of sensitive information.
Unfortunately, cyberattacks and information operations aimed at humanitarian and development NGOs are on the rise, with malicious actors relentlessly attacking NGOs in the cyberspace because of the data they hold. In fact, the non-governmental sector is the second most targeted one after IT. In the last three years, cybercriminals and state-sponsored actors have accessed systems and personal records, stolen millions of dollars in donations, conducted surveillance operations, and carried out disinformation campaigns against NGOs - even large organisations like Save the Children, MercyCorps, and Roots of Peace. These attacks not only endanger lives, but also compromise the trust that is critical to the work of NGOs.
An innovative solution - The CyberPeace Builders Program
To help them rise to cyberthreats, the CyberPeace Institute, an independent and neutral nongovernmental organisation dedicated to ensuring the rights of people to security, dignity and equity in cyberspace, launched the CyberPeace Builders program in July 2021.
The CyberPeace Builders is a network of corporate cybersecurity volunteers supporting NGOs to enhance their cybersecurity posture. Volunteers interact with NGOs via a job board hosted on a secure platform operated by the Institute. Jobs are co-defined with NGOs and broken down into hourly units. By design, jobs are neither time-sensitive nor time-consuming. They last between 1 and 4 hours. Volunteers can choose the jobs they want to do based on their skills, availability and interest.
Their diverse backgrounds – some have cybersecurity and IT skills, others have legal, communication or training experience – allow tailoring their responses to the NGOs’ needs, with services provided to NGOs including:
- Pre-incident: awareness training, security planning, vulnerability scanning, etc.
- Post-incident services: attack notification, spyware detection, remediation, etc.
- Support: legal advice, data protection, awareness comms, IT investments, etc.
This program has ultimately made it easier for many companies to engage their employees in volunteering activities, and it has even been proven to support retention rates.
Supporting 121 NGOs to date with over 300 volunteers, it aims to serve 300 humanitarian NGOs by 2023, and 1,000 NGOs by 2025. Understanding the ecosystem in which these organisations function is also critical and, since 2022, a regional advisor stationed in Nairobi, Kenya, has been curating the expansive outreach in African-based communities.
Considering the growing need for cybersecurity services in all sectors and the inability of the marketplace to keep up with demand, the CyberPeace Builders program could also serve as a blueprint for other vulnerable actors, such as small and medium-sized critical infrastructure providers.
Scaling up - The Humanitarian Cybersecurity Center (HCC)
The protection of the humanitarian sector nonetheless extends beyond the scope of the issue. The cyberattack that targeted the computer servers holding information for the International Committee of the Red Cross (ICRC) not only served as a clear indication of the lack of concern of cybercriminals for the lives of vulnerable individuals and the critical purpose of this humanitarian organisation but also acted as a wake-up call. In response to the needs expressed by humanitarian NGOs worldwide, the CyberPeace Institute recognised the immediate requirement to broaden the range of services provided by the CyberPeace Builders program and launched the Humanitarian Cybersecurity Center (HCC) in February 2023.
The Center provides expert support and practical assistance to NGOs in the humanitarian and development sectors anywhere in the world and carries out activities in 4 key focus areas to tailor its response to the needs of each NGO. These include:
- DETECT & INFORM: Equip NGOs with guidance and cyber threat intelligence so that they can detect upcoming cyberattacks.
- PREVENT: Provide hands-on assistance to NGOs to build cyber preparedness and resilience through risk assessments, simulation exercises and training.
- ASSIST: Hands-on technical and forensic investigative support and assistance with incident and crisis management.
- STRENGTHEN: Developing standards, fostering multi-stakeholder collaboration and advocating for the protection of the humanitarian sector at international fora.
This collaborative approach is key to bringing together experts and technical know-how from corporations, academia and civil society to act on major societal issues and deliver sustainable progress, as well as to nurture a dialogue with governments and International Organisations.
Looking ahead, it will be crucial to strengthen collaborative approaches and partnerships to safeguard humanitarian organisations from cyberattacks and allow them to continue harnessing digital tools and solutions
But we cannot stop there. In addition to providing tactical support provided to NGOs, it is essential to expose information on the harm caused by cyberattacks to the vulnerable communities they serve. And it is critical to leverage this information to inform decision-makers and improve the regulation of cyberspace to protect these communities - and everyone else in the process.
Whilst the ever-evolving technological landscape poses new challenges to the humanitarian sector, it also provides unprecedented opportunities to improve the efficiency and efficacy of aid delivery. As highlighted by the CyberPeace Builders Program, digital solutions paired with expert support and knowledge can enhance crisis preparedness and disaster response. Looking ahead, it will be crucial to strengthen collaborative approaches and partnerships to safeguard humanitarian organisations from cyberattacks and allow them to continue harnessing digital tools and solutions to deliver on their important missions.
The OECD has been facilitating international co-operation and developing policy analysis and recommendations in digital security since the early 1990s to develop and promote policies that strengthen trust, without inhibiting the potential of ICTs to support innovation, competitiveness and growth.
Learn more on the OECD's work on Digital Security and check out the report Building a Skilled Cyber Security Workforce in Five Countries
And read more on the Forum Network: Speaking Tech to Power: Why technologists and policymakers need to work together, by Bruce Schneier, Security Technologist; Author; Fellow and Lecturer, Harvard's Kennedy School