Do churches get hacked? Short answer: yes.
How many of us have gotten an email from our bank, opened it and then clicked a link inside? I’m willing to bet a vast majority of us have done it. Now, have you ever opened it again and realized the email had some typos? Did that get you wondering if the email was really from your bank? Multiple typos in an email from a major corporation are a hallmark of the “man-in-the-middle” attack. Such an attack involves a hacker impersonating your bank through an email, and then using anything they learn to impersonate you with the bank. Often hackers can mount this kind of attack by tapping in to any unsecured Wi-Fi networks you may be connected to.
But why does the hacker hack and why do churches get hacked? There are many different reasons. Sometimes it’s a person that’s looking to better understand computer and network security systems. Or maybe the hacker holds a different worldview than that of the church they’ve hacked and they want to make a statement. However most of the time it comes down to theft, pure and simple.
TechSoup, an organization that helps non-profits with software and digital security, says ministries and nonprofits need to be more proactive in securing personal and financial data in their care.
Ask "Do Churches Get Hacked?" Then ask "Is my ministry an easy target?"
Is your ministry ready to lose more than $680,000? That’s how much a church in Des Moines, Iowa had stolen by hackers. According to CBS News, the hackers infiltrated the computer networks and stole the money right from under their noses. The church was likely targeted because its systems lacked the sophisticated security systems put in place by retailers after high-profile attacks over the last several years. Luckily, the diocese had its prayers answered and the $680,000 was recovered thanks to its insurance company and its bank.
Things might have been different had the ministry trained their staff on what a cyber attack is and how to prevent one.
"... many churches and religious nonprofits are evaluating how they can meet fundraising goals and be good stewards of their finances," said Dan Webb, vice president of Technology Solutions and Services at TechSoup. "Cybersecurity is an integral part of that donor relationship. Donors put a significant amount of trust in their places of worship and the religious nonprofits they support. Churches and religious organizations cannot afford to have that trust violated. Internet security software is the first step in securing donor data — and to ensuring healthy data overall."
There are more enticing things than money
Not worried about losing money? Then maybe you’re worried about losing access to your church’s computer or its affiliated systems. Check out this example: First Presbyterian Church of Birmingham, a Detroit suburb, lost access to its records after being infected with the CryptoLocker ransomware. The church was asked to pay a ransom in exchange for the digital key that restores access to the records. Luckily for the church they had a backup of the data, but restoring that data took several days.
"In 2015, the number of unique cybersecurity threats has surpassed the 300-million mark, growing at a steady rate of almost 40,000 new threats a day. But it's not only the sheer number of malware that poses an immediate risk to nonprofits across the United States. Some of these viruses now specialize in extorting businesses by encrypting data and then asking for money in return ... for the decryption key," said Catalin Cosoi, Bitdefender's global security strategist. Bitdefender is a technology company that makes software that protects churches and religious nonprofits against computer viruses, phishing, and network hacks.
So what can a church do? It's important to keep up-to-date on the latest in cybersecurity and cyberliability. Once you know and understand the risks you can begin protecting your ministry. You can start with this easy-to-use cybersecurity campaign from Microsoft.
Additional Cyberliability Resources
Check out some of these great church cyberliability websites for more information on keeping your ministry safe from hackers and other digital criminals.