UK Salvation Army Hit with Ransomware
Table of Contents
- By Dawna M. Roberts
- Published: Jul 16, 2021
- Last Updated: Mar 18, 2022
The Register reported today (June 30) that the evangelical Christian church and UK chapter of the Salvation Army experienced a cyberattack that included ransomware.
What Happened?
A spokesperson for the UK Salvation Army told The Register “We are investigating an IT incident affecting a number of our corporate IT systems. We have informed the Charity Commission and the Information Commissioner’s Office, are also in dialogue with our key partners and staff and are working to notify any other relevant third parties.”
She reassured the public that “We can also confirm that our services for the vulnerable people who depend on us are not impacted and continue as normal.”
Unfortunately, the Salvation Army did not provide details about the attack, such as if they were aware of the gang responsible. So far, there is no word on the ransom figure or what systems and information was compromised.
Without knowing what data was breached, experts urge Salvation Army volunteers and staff members to closely monitor their bank and credit card statements and credit reports looking for any new accounts and suspicious activity. Some other tips would be to:
- Change all online passwords.
- Turn on two-factor authentication, especially for bank and credit card accounts.
- Do not click on links in emails (phishing attacks often occur after a data breach).
- Keep good antivirus running on all devices and run deep scans often.
The Register quoted Jake Moore from ESET, a cybersecurity firm, when he commented on the matter “It is vital that those who could be at risk are equipped with the knowledge of how to mitigate further attacks. The first few days and weeks after a breach are the most important, as criminals will be quick to take advantage of the situation and strike while they still can.”
Sources say that the Salvation Army discovered the unauthorized activity about a month ago, giving hackers a head start. Moore followed up his previous comment with, “Those who may believe they have had their details taken … must contact their banks to add extra fraud protection and to be on guard for extra attempts such as unsolicited calls or emails phishing for extra information.”
Some cybersecurity experts believe the Conti or Pysa ransomware gangs may have been responsible for the attack. Both have been used in a similar fashion in familiar industries.
Hackers Have No Boundaries
Even though some ransomware gangs have publicly vowed to avoid attacking infrastructure organizations, healthcare facilities, and other charitable businesses, others have no such boundaries and don’t mind breaching even the most sacred of systems.
Not long ago, the WizardSpider gang attacked the Irish Health Service which came close to crippling hospitals. During the attack, hospital staff had to resort to pen and paper to continue operating.
The Pysa gang has a reputation for attacking schools around the globe. It is despicable that these criminals cannot avoid attacking vulnerable targets such as those that serve children, charitable organizations, or businesses in the healthcare industry.
Who is the Salvation Army?
The Salvation Army is an international charity organization (operating in 130 countries) affiliated with the Christian church. The organization has 1.5 million members called Salvationists. The original idea behind it was to bring “salvation” to the poor, hungry, and destitute by meeting their “physical and spiritual” needs.
Although Christian-based, the theological history stems from Methodism. One odd trait of the church is instead of religious titles; officers are given military ranks such as “lieutenant” “colonel,” or “major.”
Most people associate the Salvation Army with people dressed as Santa Claus standing outside shopping establishments ringing a bell asking for donations around the holidays.
