Part of the Beyond125.org initiative, dedicated to securing civil society in the digital age.

Leveraging AI to Expose Cyberattacks and Disinformation Impacting Civil Society

Version 1.0: Cyber Threats in Focus

The CyberPeace Institute protects the most vulnerable in cyberspace. We provide cybersecurity assistance, expose the human cost of cyberattacks and disinformation, and push for accountability.


This platform tracks cyberattacks, vulnerabilities, and threats - raising awareness, supporting global efforts to secure civil society, and helping organizations stay ahead of risks.


This first release highlights cyberattacks, vulnerabilities, and threats targeting civil society organizations worldwide. Our data is drawn from two key sources:

  • CyberPeace Builders' support for over 400 organizations, providing insights into their unique challenges.
  • Publicly recorded cyber incidents, shedding light on a broader range of threats to civil society organizations.

We're calling on donors, data providers, and partners to support this initiative. Your contributions help us grow and deepen the impact of our mission to protect civil society

As the platform grows, we will expand beyond cyber threats to include disinformation operations that undermine trust and safety in civil society.

Access data

Threats
at a Glance:

246,710 threats recorded since 2018

Including

765+ Vulnerabilities detected across monitored NGOs
983 Attacks identified Including malware infections and publicly recorded attacks
112,017 phishing emails targeting NGOs quarantined
118,824 exposed Credentials Detected

This is Just the Tip of
the Iceberg

The data shown here is based on insights from our monitored organizations and publicly recorded incidents. However, many cyberattacks against civil society go unreported.

Cyber threats are
endangering civil society

See who's affected

scroll down
Health
127K recorded threats impacting Health
Poverty
90K recorded threats impacting Poverty
Finance
90K recorded threats impacting Finance
Humanitarian
73K recorded threats impacting Humanitarian
Water
73K recorded threats impacting Water
Women's Rights
72K recorded threats impacting Women's Rights
Food
71K recorded threats impacting Food
Energy
71K recorded threats impacting Energy
Education
54K recorded threats impacting Education
Development
37K recorded threats impacting Development

And 141K recorded threats impacting 10 other sectors: Human Rights, Information, Environment, Advocacy, Migrants, Peace, Foundation / Association, Social Services, Business and professional associations, Justice.

Cyberattacks and disinformation
against civil society are
attacks against real people.

vertical dots

Read their stories.

An picture related to clean-water-aid category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against clean water aid

  • A nonprofit organization focused on providing clean water across the APAC region suffered a significant cyberattack. The attack caused immediate disruptions to the organization’s operations, leading to delays in providing critical clean water services. Additionally, there are long-term concerns about the integrity of their data, potentially eroding donor trust and affecting future funding. This incident was a ransomware attack carried out by a cybercriminal group that operates a ransomware-as-a-service model. The attackers threatened to release sensitive information unless they were paid an extortion fee of $300,000.

    Sustainable development goals

    SDG 6: Clean water and sanitation
An picture related to food-supply category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against food supply

  • A hunger relief organization based in the United States fell victim to a cyberattack that resulted in a significant financial loss. The organization was scammed out of more than $923,000, a substantial amount that could severely affect its ability to provide essential services. Beyond the financial hit, this incident threatened to undermine trust in the organization’s operations, potentially impacting future support and donations. The attackers carried out a phishing campaign by intercepting legitimate emails from a construction company and sending a fraudulent invoice in its place. The organization unknowingly paid the fake invoice, falling prey to the scam.

    Sustainable development goals

    SDG 2: End hunger
An picture related to sustainable-living category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against sustainable living

  • A nonprofit organization focused on exchanging reusable items to reduce landfill waste suffered a significant data breach. The breach affected 7 million of the nonprofit’s members, with sensitive information being sold on the dark web. The breach also reportedly included the data of the organization’s executive director. The stolen data was available on the dark web for months before discovered. The specific method used by the malicious actor to infiltrate the organization’s network remains unknown. Members have been cautioned not to interact with suspicious emails by clicking on links or downloading files.

An picture related to healthcare category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against healthcare

  • An USA-based healthcare plan provider faced serious repercussions after a cyberattack compromised the sensitive data of millions. The breach exposed the protected health information of 3,180,537 individuals, including Social Security numbers and health records. The fallout from this exposure has resulted in multiple class action lawsuits, which could further damage the organization’s reputation and financial stability, potentially disrupting its ability to provide healthcare services. The attack was carried out by the Clop threat group, who exploited a zero-day vulnerability in the MOVEit Transfer file transfer solution. This vulnerability allowed the cybercriminals to access and steal the organization’s sensitive data.

    Sustainable development goals

    SDG 3: Ensure healthy lives
An picture related to humanitarian-aid category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against humanitarian aid

  • A nonprofit organization providing medical and humanitarian aid globally faced a security breach involving one of its servers based in Spain. The breach raised concerns about unauthorized access to the organization’s data, which could potentially compromise sensitive information. The extent of the information accessed remains unclear, but the incident highlights significant risks to the organization’s data security and operational integrity. An advertisement surfaced offering access to the compromised server. A screenshot from the hacker indicated they had accessed a web panel for Citrix used by the Spanish branch of the nonprofit, which might have allowed them remote access to the organization’s data.

    Sustainable development goals

    SDG 3: Ensure healthy lives
An picture related to education category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against education

  • In August 2023, a college in North Carolina experienced a significant data breach caused by a ransomware attack, which compromised the personal information of over 52,000 individuals. The exposed data included sensitive information such as identification numbers, dates of birth, and health-related details. In response to the breach, a class-action lawsuit was filed, alleging negligence in implementing adequate data-security measures and delays in notifying affected individuals. The incident highlighted recurring concerns about the institution’s cybersecurity preparedness, as it was not the first breach of its kind.

    Sustainable development goals

    SDG 4: Ensure inclusive
An picture related to financial-inclusion category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against financial inclusion

  • Just before Christmas 2020, hackers began to steal from One Treasure Island, a nonprofit that is redeveloping its namesake island in San Francisco Bay as a haven for low-income and formerly homeless people. Over the next month, criminals siphoned $650,000 from the community organization.

    Sustainable development goals

    SDG 1: End povertySDG 10: Reduce inequality
An picture related to communication category

For the full spectrum of impacted sectors, please refers to the main dashboard

Attacks against communication

  • A nonprofit organization lost control of their Instagram account, a critical platform for their online presence. The loss of access to their Instagram account threatened to undermine the organization’s credibility and disrupt their general activities. As their flagship online presence, the account’s absence threatened to damage their reputation and hinder their ability to engage with supporters and the public. The incident began with a spear phishing attack via email, which appeared to come from Instagram. Two days after the attack, cybercriminals contacted the organization via WhatsApp, claiming responsibility and demanding a ransom to restore access. The attackers had altered the account’s email address, password, and phone number, ultimately disabling it.

    Sustainable development goals

    SDG 3: Ensure healthy lives

Help Us Strengthen Civil Society’s Cyber Defences

Are you a data provider?

Join us in expanding this analysis by contributing your insights. Have you observed a threat?

Report it to us to help improve the picture. Contact us to become a data partner or to report an incident.

Report an incident

The platform is made possible with the support of our data partners

Logo of Bitsight
Logo of Cloudflare
Logo of Dataminr
Logo of Kaduu
Become One!

We are grateful to our donors whose support enables us to sustain and expand our work in building digital resilience for all.

Logo of CraigNewmark
Logo of FordFoundation
Logo of MastercardCFIG
Logo of Microsoft
Logo of McGovern