Microsoft announced today a new security program for nonprofits to provide them with protection against nation-state attacks that have been increasingly targeting them in recent years.
The company launched the program in response to the booming cybercrime industry impacting all industry sectors worldwide and nonprofits in particular because of their vulnerability stemming from the lack of adequate resources to build a suitable defense.
Once they’re breached, nonprofits would usually provide attackers with access to information belonging to volunteers, donors, and other participants in their programs.
“Microsoft’s 2021 Digital Defense Report confirms that in the past year, cybercrime has grown in scale and sophistication, leveraging crises to take advantage of at-risk targets,” said Microsoft VP of Tech for Social Impact Justin Spelhaug.
“The report highlights that, in the past year, NGOs and think tanks were the second most targeted sector by cybercriminals, accounting for 31% of all notifications of nation-state attacks against organizational domains as detected by Microsoft.”
Through the new Security Program for Nonprofits, Microsoft will:
- provide proactive monitoring and notification in the case of a nation-state attack via the AccountGuard program
- assess organizational and infrastructure risk to help organizations enhance their security posture based on their environment,
- and streamline security training for IT professionals and end-users.
Enrolled organizations will be alerted whenever their Microsoft 365 accounts or the staff and board members’ Outlook and Hotmail personal accounts are targeted or compromised by state-backed hackers.
Redmond’s goal is to support 10,000 nonprofit organizations until the end of the first year and as many as 50,000 organizations worldwide after three years.
“These organizations are attractive targets for nation-state actors because they often store sensitive data,” Spelhaug added.
“Additionally, according to the 2021 Cybersecurity Guide for Nonprofit Organizations, although cybercriminals attempt to access government and nonprofit databases every 39 seconds, up to 70% of charity networks lack a comprehensive vulnerability assessment to determine risk.”
Source: www.bleepingcomputer.com