Freedom of Information request on date range for the FOI requests is from 2018 to present day (FOI 21/1231)
Published 26 May 2022
© Crown copyright 2022
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/freedom-of-information-responses-from-the-mhra-week-commencing-22-november-2021/freedom-of-information-request-on-date-range-for-the-foi-requests-is-from-2018-to-present-day-foi-211231
FOI 21/1231
22nd November 2021
Dear,
Thank you for your email.
This response is applicable for both of your Freedom of Information (FOI) requests, FOI 21/1231 and FOI 21/1232 where you asked:
“The date range for the requests is from 2018 to present day. The data shall include a breakdown by year and by individual departments (e.g. separate departments, agencies, or public bodies within the main government agency), if applicable.
-
How many malicious emails have been successfully blocked?
-
What percentage of malicious emails were opened by staff?
-
What percentage of malicious links in the emails were clicked on by staff?
-
How many ransomware attacks were blocked by the department?
-
How many ransomware attacks were successful?”
This information is exempt under Section 31 of the FOI Act for the following reasons:
The Agency like any organisation may be subject to cyber-attacks and, since it holds large amounts of sensitive, personal and confidential information, maintaining the security of this information is extremely important. Cyber-attacks, which may amount to criminal offences for example under the Computer Misuse Act 1990 or the Data Protection Act 1998, are rated as a Tier 1 threat by the UK Government.
In this context, providing requested information would provide information about the Agency’s information security systems and its resilience to cyber-attacks. There is a very strong public interest in preventing the Agency’s information systems from being subject to cyber-attacks. Providing the type of information requested would be likely to provide attackers with information relating to the state of our cyber security defences, and this is not in the public interest.
If you have a query about the information provided, please reply to this email
If you disagree with how we have interpreted the Freedom of Information Act 2000 in answering your request, you can ask for an internal review. Please reply to this email, within two months of this reply, specifying that you would like an Internal Review to be carried out.
Due to the ongoing Covid-19 situation, we are not able to accept delivery of any documents or correspondence by post or courier to any of our offices
Please remember to quote the reference number above in any future communications.
If you were to remain dissatisfied with the outcome of the internal review, you would have the right to apply directly to the Information Commissioner for a decision. Please bear in mind that the Information Commissioner will not normally review our handling of your request unless you have first contacted us to conduct an internal review. The Information Commissioner can be contacted at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Yours sincerely,
MHRA Customer Service Centre
Medicines and Healthcare products Regulatory Agency
10 South Colonnade, Canary Wharf, London E14 4PU
Telephone 020 3080 6000