Malicious email volume

Date released: 8 December 2021
Request number: 202111032
Release of information under: Freedom of Information Act 2000 (FOIA)

Information requested

The date range for the requests is from 2018 to present day. The data shall include a breakdown by year and by individual departments (e.g. separate departments, agencies, or public bodies within the main government agency), if applicable.

How many malicious emails have been successfully blocked?
What percentage of malicious emails were opened by staff?
What percentage of malicious links in the emails were clicked on by staff?
How many ransomware attacks were blocked by the department?
How many ransomware attacks were successful?

Information released

I confirm that under Section 1 of the FOIA we hold some of the information requested.

Please note that prior to 1 October 2020 our IT services were outsourced to the Health and Safety Executive (HSE). I therefore suggest that you contact them to request the information you require up to that time. Details of how to do this are included on their website.

Unfortunately, we only retain information for the last 90 days. We have therefore answered your questions in turn below for the period of time 2 September 2021 to 30 November 2021.

Question 1

How many malicious emails have been successfully blocked?

391,908

Question 2

What percentage of malicious emails were opened by staff?

0.00002%

Question 3

What percentage of malicious links in the emails were clicked on by staff?

0.000005%

Question 4

How many ransomware attacks were blocked by the department?

100% of ransomware attacks were blocked. The exact figure is unknown as our security services do not differentiate ransomware from other forms of Malware. Any of the 391,908 blocked emails could have been the start of an attempt to insert ransomware into our environment.

Question 5

How many ransomware attacks were successful?

None

Exemptions applied

N/A

PIT (Public Interest Test) if applicable

N/A