Cyber threats broadly refer to incidents that have the potential to cause harm to individuals, organizations, and entities by infiltrating technological systems and exploiting the ways in which they are used for the benefit of perpetrators. Cyber threats are wide ranging and span from technically oriented attacks such as hacking (i.e., the attempt to gain unauthorized access to or control over a computer) and malware (i.e., malicious software designed to compromise or breach data), to threats that leverage psychological manipulation such as phishing (i.e., communications designed to trick people into falling for a scam), and those that use social tools and platforms such as and online harassment, trolling, and disinformation. The objectives of and harms caused by cyber threats are diverse; some are specifically aimed at stealing data, whether for harassment (e.g., doxxing) or financial gain (e.g., ransomware), and others are aimed at undermining a person or their cause, silencing or delegitimizing a victim, or spreading false and malicious information.
Recent research highlights that CSOs are at a high risk of all types of cyber threats. The frequency of these incidents varies, with some facing these daily and others encountering them on a monthly or annual basis. Furthermore, in some contexts, the civil society sector operates under conditions that create specific and compounding vulnerabilities in managing these threats. Specifically, organizations are typically resourceconstrained, with limited capacity to invest in cybersecurity systems, training, or personnel. They handle sensitive data about vulnerable populations, including survivors of violence, activists in politically repressive environments, and other individuals whose information is of significant value to hostile actors. Additionally, in some countries, the political environments range from ambivalent to hostile towards the work of CSOs. Notably, in several Southeast Asian countries, governments have used cybercrime legislation, surveillance, and disinformation as tools to monitor, discredit, and suppress civil society activity.
Of critical importance, there is increasing evidence to suggest that CSOs who have an explicit commitment to advocating for women’s rights and promoting gender equality (i.e., women CSOs/WCSOs) are even more likely than CSOs to be targeted by cyber threats, and these threats tend to be gendered or sexualized in nature, such as online sexual harassment, stalking, intimate image-sharing, and sextortion. This reinforces findings from international research showing that women and women advocates in public life such as journalists, human rights defenders, politicians, and feminist activists are disproportionately affected by online violence and misogyny that seeks to undermine efforts at equality and silence women’s voices and gender equality discourse from civic spaces.
In a recent project with both CSOs and WCSOs across Southeast Asia, WCSOs were found to face gendered and sexualized online harassment, trolling, doxxing, impersonation, and cyber-bombing at higher rates than CSOs. The research also found that despite being largely aware of these risks, WCSOs were not necessarily able or ready to prepare for or actively recover from cyber threats. In this context, where patriarchal norms remain deeply embedded and where advocacy for women’s and girls’ rights is frequently characterized as politically or culturally subversive, these dynamics take on particular intensity. Therefore, WCSOs face a multilayered threat: they share the cybersecurity vulnerabilities common to many other CSOs, while simultaneously being targeted for their focus on gendered issues.
The prior research points towards a concerning reality for both CSOs and WCSOs, that even though digital technologies offer many benefits to support their work, they also open the possibilities of cyber threats. What is still unknown, however, is why these attacks and who is perpetrating them as understood by CSOs themselves. Perceptions of the perpetrators and their motivations carry practical significance for how organizations understand their cyber risk and calibrate their responses, and ultimately contribute to shaping policies that accurately reflect the reality of these organizations and can address their cybersecurity needs.