FOI Ref: FOI/2021/3203
You asked
Please find below my FOI request regarding malicious emails sent to the department.
The date range for the requests is from 2018 to present day. The data shall include a breakdown by year and by individual departments (e.g. separate departments, agencies, or public bodies within the main government agency), if applicable.
How many malicious emails have been successfully blocked?
What percentage of malicious emails were opened by staff?
What percentage of malicious links in the emails were clicked on by staff?
How many ransomware attacks were blocked by the department?
How many ransomware attacks were successful?
We said
Thank you for your request.
Malicious emails received at the external interface are automatically 'dropped' and do not enter ONS systems. We do not hold information on the numbers received.
We are unable to provide you with answers to the other questions because you request specific information relating to our security tools, infrastructure, configurations and operations. This knowledge could provide insights into our level of protection and therefore aid anyone wishing to launch an attack on our systems and service provision. The information requested is exempted under S31(1)(a) - the prevention or detection of crime. To use this exemption we are required to consider the public interest test, and whilst we note there are public interest arguments in favour of transparency and disclosure we have decided that these are outweighed by other public interest factors that are in favour of non-disclosure. Principally we consider that release of the information requested would prejudice our ability to maintain and run a secure and safe technical security services. This is an essential function for all government departments and is particularly important for ONS which processes personal and economic information on its systems.