The Woodland Trust, a peaceful British charity that looks after trees, was struck by a “cyber attack” before Christmas.
Members of the trust, which says it has planted 43 million trees since its foundation in 1972, were informed last night of what was inevitably described as a “sophisticated, high level cyber-incident.”
It may not seem obvious what cybercriminals wanted to achieve by targeting the trust, whose online content includes guides on planting trees and how to object to planning permission applications that could result in trees being cut down – but it does have 250,000 registered members.
Chief exec Darren Moorcroft told Woodland Trust members in an email sent yesterday afternoon: “As soon as we became aware of the incident we engaged a group of external specialists who launched an investigation and also took immediate action in order to mitigate the impact.”
He added: “We reported the incident to the Information Commissioner’s Office (ICO), the Charity Commission as well as the Police Cybercrimes Unit.”
The charity said in a statement on its website that “no data has been compromised” that it knows of, though it warned members to be vigilant for unusual phonecalls or communications appearing to come from the trust or from banks.
The attack is believed to have taken place “after 7pm on 14 December”, which appears to refer to the first detected intrusion onto the Woodland Trust’s systems.
The charity said in the statement that it had “disconnected its IT systems”. The Reg has asked what those systems were and what they’ve been disconnected from. So far there is no information on whether the attack was ransomware, though the scale of the response and agencies contacted has a lot in common with previous ransomware responses by UK organisations.
If it is ransomware, the attack goes to show that no organisation, no matter how innocuous, is off-limits as increasingly greedy crooks hunt for data to pinch for profit. Charities in particular tend to hold large quantities of personal data in the form of member lists, so they may form the next front line in the eternal counter-ransomware war. ®