The latest onslaught of cyber attacks on religious organizations does not discriminate—all denominations are targets. Cybersecurity is becoming a looming concern across the nonprofit sector, but recently, faith-based institutions are coming under fire in a big way. Cybersecurity attacks on religious organizations have been on the rise since 2020, spiking sharply over the last year.
Cyber attacks are nothing new. Billions of business dollars are drained every year on ransomware payments (which risk getting business leaders sanctioned and losing insurance coverage), data recovery, business downtime, and technology infrastructure rebuilds. And since 90% of the World Wide Web is the dark web, the dangers are endless, mandating a more proactive culture around cybersecurity and how we approach it. Just this year, the White House launched a new cybersecurity summit on the ransomware attacks plaguing U.S. schools and other public institutions.
Recent Cybersecurity Attacks On Religious Organizations
Let’s take a quick look at some of the major cybersecurity attacks on religious organizations across the board.
The Vatican is still reeling from last year’s hacking resulting in data exposure and the Holy See (the pope’s community website) blackout. Bad actors overseas in China took credit for the attack, attributing it to retaliation against the United States government.
In recent months, attacks were launched against a Catholic publisher, a southern mega church, and Jewish Holocaust Educational websites.
130GB of data was compromised at the Catholic Publisher, The Sunday Visitor. The publication is a resource for millions across the religious community. The Karakurt data extortion group boasted its work behind the breach—a devastating leak of sensitive, financial documents, private Human Resources data, legal contracts, and company invoices with payment information.
The 15,000 member Relentless Church based in South Carolina reportedly had employee information, passport data, and financial details exposed in a breach by a Lockbit ransomware group.
The Church of Jesus Christ of Latter-day Saints was breached last year, compromising sensitive employee and member information.
And with rising antisemitic hate crime, cyberattacks on Holocaust educational websites are continually increasing since 2020. Bad actors made up one out of fifty HTTP requests on one prominent site last year.
Why religious organizations?
There hasn’t been an active dialogue until now around protecting churches, temples, synagogues, religious publishers, and websites. While there aren’t many stats that could be because it hasn’t been a priority among other rising business costs. Until now cybersecurity attacks on religious organizations hadn’t been a regular phenomenon.
Most known hacking groups had set parameters against cybersecurity attacks on religious organizations. However, these hackers are criminals without a moral compass, and recently they seem to be edging away from previous disclaimers.
If anything, the lack of cyberattacks till the last few years may have lulled some religious organizations into a false sense of security and complacency. Focused on budget and the bare minimum, churches and other institutions haven’t been advancing cybersecurity strategies at the pace of other businesses. Meanwhile, they house valuable financial and personal data with a broad reach and scope—sometimes across global communities.
Without investing in a robust cybersecurity approach, religious institutions will continue to be ongoing targets. But, that doesn’t have to be the inevitable.
Protect Your Religious Non Profit, Fruth Group can help.
Connect with one of Fruth Group’s security experts to see how you can protect your business, your employees, your data, and your community at large. Our experts can assess your cybersecurity posture and help you act now, before the bad actors can, or, eliminate any current compromises that may not be apparent.