FOI release

FOI 106 - Number of Malicious emails received by Insolvency Service

Updated 2 February 2022

Our ref: FOI21/22-106

Date: 26 November 2021

Dear

Re: Freedom of Information Act 2000

Thank you for your email of 11 November in which you requested from the Insolvency Service:

The date range for the requests is from 2018 to present day. The data shall include a breakdown by year and by individual departments (e.g. separate departments, agencies, or public bodies within the main government agency), if applicable.

1. How many malicious emails have been successfully blocked?
2. What percentage of malicious emails were opened by staff?
3. What percentage of malicious links in the emails were clicked on by staff?
4. How many ransomware attacks were blocked by the department?
5. How many ransomware attacks were successful?

Your request has been dealt with under the Freedom of Information Act 2000 (FOIA).

I can confirm the agency holds the information that you have requested and I have provided answers to your questions below.

Please note that we are unable to give data dating back to 2018, our reports are limited to between 30 and 90 days and the time frame is specified in the response to each question.

1. How many malicious* emails have been successfully blocked? Between 28 August and 25 November 2021, 19,375 malicious emails have been blocked.

2. What percentage of malicious emails were opened by staff? Between 28 August and 25 November 2021, less than 0.01% of detected malicious emails were opened by staff.

3. What percentage of malicious links in the emails were clicked on by staff? Between 28 August and 25 November 2021, of the malicious emails that were opened by staff 6 links were clicked. In these cases, either our security controls blocked the websites from loading, or our employees recognised the website wasn’t legitimate and didn’t proceed.

4. How many ransomware** attacks were blocked by the department? Between 27 October and 25 November 2021, 27 “ransomware” attacks were blocked.

5. How many ransomware attacks were successful? Between 27 October and 25 November 2021, no ransomware attacks were successful.

* In the context of this data, the word “malicious” is defined as Malware, Spam or phishing emails.

** In the context of this data, the word “ransomware has been interpreted as any email with a “malicious payload”

If you are not satisfied with the response we have provided you and would like us to reconsider our decision by way of an internal review (IR), please contact our Information Rights Team at foi@insolvency.gov.uk or by post at:

Information Rights Team
The Insolvency Service
3rd Floor
Cannon House
18 Priory Queensway
Birmingham
B4 6FD
United Kingdom

You also have the right to contact the Information Commissioners Office (ICO) if you wish for them to investigate any complaint you may have in regards to our handling of your request. However, please note that the ICO is likely to expect an IR to have been completed in the first instance.

Kind regards

Information Rights Team

The Insolvency Service

The Department for Business, Energy and Industrial Strategy, Official receivers and the Adjudicator are Data Controllers in respect of personal data processed by the Insolvency Service. For the details about how personal data is processed by the agency, please see the full Insolvency Service Personal Information Charter here: https://www.gov.uk/government/organisations/insolvency-service/about/personal-information-charter