Caught in the Digital Crosshairs
The threat of CEO fraud and one NGO's resilient response
The threat of CEO fraud and one NGO's resilient response | GZERO Media
October 10, 2023
In January 2020, Heidi Kühn, founder and CEO of Roots of Peace, returned from an overseas trip to devastating news: her finance department had unwittingly transferred over $1 million to an unfamiliar bank account. Kühn and her team quickly realized they’d become victims of a CEO fraud cyber attack—cybercriminals had infiltrated the company’s email accounts via spear phishing and impersonated Kühn to trick the finance team into sending funds abroad.
The theft had an enormous impact on Roots of Peace, a nonprofit dedicated to converting minefields into arable farmland in former war zones. Following the attack, Roots of Peace reached out to the CyberPeace Insitute, an organization that provides free cybersecurity assistance, threat detection and analysis to NGOs and other critical sectors. Roots of Peace was able to recover some of the funds, but to date, only $175,000 of the $1.34 million total stolen has been returned.
Roots of Peace is an international humanitarian organization, but their story isn’t unusual: In 2021, CEO fraud caused $2.4 billion in losses to US businesses alone, according to the FBI Internet Crime Report. Kühn’s story is featured in the second episode of “Caught in the Digital Crosshairs: The Human Impact of Cyberattacks,” a new video series on cyber security produced by GZERO in partnership with Microsoft and the CyberPeace Institute. GZERO spoke with Kühn and Derek Pillar, a cyber security expert from Mastercard, to learn more about the threat of CEO fraud, the real-life impact of cyberattacks against the humanitarian sector, and how you can prevent similar attacks from happening to you and your organization.
From Your Site Articles
- Tech innovation can outpace cyber threats, says Microsoft's Brad Smith ›
- Podcast: Cyber Mercenaries and the digital “wild west" ›
- Podcast: Lessons of the SolarWinds attack ›
- Hacked by Pegasus spyware: The human rights lawyer trying to free a princess ›
- Attacked by ransomware: The hospital network brought to a standstill by cybercriminals - GZERO Media ›
- Podcast: How cyber diplomacy is protecting the world from online threats - GZERO Media ›
- Podcast: Foreign Influence, Cyberspace, and Geopolitics - GZERO Media ›
- Podcast: Cyber mercenaries and the global surveillance-for-hire market - GZERO Media ›
- The devastating impact of cyberattacks and how to protect against them - GZERO Media ›
More For You
Ukraine's President Volodymyr Zelenskiy, Finland's President Alexander Stubb, Estonia’s Prime Minister, President of the European Commission Ursula von der Leyen and other European leaders visit memorial to fallen Ukrainian defenders at the Independent Square on the fourth anniversary of Russia's full-scale invasion, in Kyiv, Ukraine February 24, 2026.
Ukrainian Presidential Press Service/Handout via REUTERS
Somewhere in the Donbas region, Ukrainian soldier Artem Bondarenko says he hasn’t slept through the night in months as he defends Eastern Ukraine.
Most Popular
Members of the special units of the National Guard and the Secretaria de Seguridad Ciudadana stand guard in front of the Fiscalia General de la Republica, where the investigation into the operation in which Nemesio Oseguera Cervantes, alias "El Mencho", founder and leading head of the Cartel de Jalisco Nueva, was killed, is underway.
Félix Márquez/dpa via Reuters Connect
- YouTube
In this Quick Take, Ian Bremmer warns that US military strikes on Iran are “looking increasingly imminent” as diplomacy appears to stall.
© 2025 GZERO Media. All Rights Reserved | A Eurasia Group media company.