“Like any organisation, we’ve got a range of IT providers, everyone from payment gateways to CRM [customer relationship management] providers, and all of them have a different range of security measures in place.
“When you look at your tech stack, because we’ve got such a range of partners, what we found was a lot of passing the buck. So, our challenge was really everyone saying ‘that’s not our problem’ and getting bounced around.
“That’s where Cloudflare came in, they were recommended to us by one of our providers, and they helped us navigate through it, it was pretty invaluable.”
Cloudflare’s “Project Galileo” offers vulnerable targets such as artistic groups, humanitarian organisations, journalists and political dissidents free cybersecurity protection.
Cloudflare took on UN Women Australia’s cybersecurity responsibilities and began with an analysis of its technical infrastructure to locate the point of failure, before switching its payment gateway to one with better security.
Statistics provided by Cloudflare show that of its Project Galileo participating organisations, only 36 per cent have a dedicated individual managing cybersecurity, and 46 per cent have a staff headcount of between one and 10 employees.
“Especially for an organisation as small as ours, you’re only as good as your partners and whoever you’re working with,” Clarke said. “I’d had no experience of what a BIN attack was, and we’ve now got a renewed diligence around making sure that we are absolutely on top of it.”
Clarke said that, thankfully, no customer or donor data was impacted.
According to the Australian Signals Directorate – the government agency responsible for information security – more than 127,000 hacks against Australian servers were recorded in the 2022-23 financial year, an increase of more than 300 per cent on the same period a year earlier.