Cyber-attack information

The request was successful.

Dear Newcastle University, could you please forward these questions onto the correct department and/or personnel.

1) Between September 2016 - December 2017, has your university been targeted via a cyber-attack?
A) - Yes
B) - No

2) Between September 2016 - December 2017, how many cyber-attacks has your university encountered?
A) - Under 50 attacks
B) - 50 - 100 attacks
C) - 150 - 200 attacks
D) - Greater than 200 attacks

3) Between September 2016 - December 2017, which cyber-attacks has your university encountered? (Please choose which are applicable.)
A) - Phishing attacks
B) - Spear phishing attacks
C) - Ransomware attacks
D) - SQL injection attacks
E) - Rootkit attacks

4) How many phishing attacks has your university encountered?
(Please base your answer between September 2016 - December 2017.)
A) - Under 100 attacks
B) - 100 - 200 attacks
C) - 300 - 400 attacks
D) - Greater than 400 attacks

5) From research, many universities across the country have been targeted via a number of phishing campaigns. What impact have they had on your university?

6) From research, there has been successful phishing campaigns across many universities. When considering that both students and lecturers can be victims, who has been affected the most?
A) - Students
B) - Lecturers

7) How many targeted spear phishing attacks has your university encountered?
A) - Under 25 attacks
B) - 25 - 50 attacks
C) - 50 - 75 attacks
D) - 75 - 100 attacks
E) - Greater than 100 attacks

8) What impact has spear phishing attacks had on your university?

9) How many ransomware attacks has your university encountered?
(Please base your answer between September 2016 - December 2017.)
A) - Under 25 attacks
B) - 25 - 50 attacks
C) - 50 - 75 attacks
D) - 75 - 100 attacks
E) - Over 100 attacks

10) When a Ransomware attack was triggered, how quickly was it resolved?
A) - Resolved Immediately
B) - Resolved within and under 24 hours
C) - Resolved between 1 - 2 days
D) - Resolved after 3 or more days

11) Considering that ransomware affects the availability of a system or systems,
please describe the impact that ransomware has had on your university institution.

12) How many SQL injection attacks has your university encountered?
(when contemplating the number of attacks, please include attempted attacks and
unfortunate successful attacks and Please base your answer between September 2016 - December 2017.)

A) - Under 100 attacks
B) - 100 - 200 attacks
C) - 200 - 300 attacks
D) - 300 - 400 attacks
E) - Over 400 attacks

13) What impact has SQL injection attacks had on your university?

14) How many rootkit attacks has your university encountered?
A) - Under 5 attacks
B) - 5 - 10 attacks
C) - 10 - 20 attacks
D) - Over 20 attacks

15) What impact has rootkit attacks had on your university?

16) When considering the different types of cyber-attacks, that many university institutions are targeted with, how would you class your current and existing security controls?
A) - Inadequate
B) - Good
C) - Adequate
D) - Excellent

17) Do you believe your existing and current IT infrastructure will protect you from cyber-attacks that may occur in the next 18 months?
A) - Yes
B) - No

18) Should more funding be given to IT Security to help improve and maintain the current security that is already in place within your university institution?
A) - Yes
B) - No

Yours faithfully,
Jordan Gifford

Good afternoon Jordan,

Thank you for your request for information. We will deal with your request under the Freedom of Information Act and will respond to you within 20 working days.

Regards,

Thomas Little
Information Security Officer (Compliance)
IT Service Newcastle University
Tel: 0191 2086904
[email address]

>-----Original Message-----
>From: Jordan Gifford [mailto:[FOI #461830 email]]
>Sent: 01 February 2018 15:01
>To: nrecman <[email address]>
>Subject: Freedom of Information request - Cyber-attack information
>
>Dear Newcastle University, could you please forward these questions onto the
>correct department and/or personnel.
>
>1) Between September 2016 - December 2017, has your university been targeted
>via a cyber-attack?
>A) - Yes
>B) - No
>
>2) Between September 2016 - December 2017, how many cyber-attacks has your
>university encountered?
>A) - Under 50 attacks
>B) - 50 - 100 attacks
>C) - 150 - 200 attacks
>D) - Greater than 200 attacks
>
>3) Between September 2016 - December 2017, which cyber-attacks has your
>university encountered? (Please choose which are applicable.)
>A) - Phishing attacks
>B) - Spear phishing attacks
>C) - Ransomware attacks
>D) - SQL injection attacks
>E) - Rootkit attacks
>
>4) How many phishing attacks has your university encountered?
>(Please base your answer between September 2016 - December 2017.)
>A) - Under 100 attacks
>B) - 100 - 200 attacks
>C) - 300 - 400 attacks
>D) - Greater than 400 attacks
>
>5) From research, many universities across the country have been targeted via a
>number of phishing campaigns. What impact have they had on your university?
>
>6) From research, there has been successful phishing campaigns across many
>universities. When considering that both students and lecturers can be victims,
>who has been affected the most?
>A) - Students
>B) - Lecturers
>
>7) How many targeted spear phishing attacks has your university encountered?
>A) - Under 25 attacks
>B) - 25 - 50 attacks
>C) - 50 - 75 attacks
>D) - 75 - 100 attacks
>E) - Greater than 100 attacks
>
>8) What impact has spear phishing attacks had on your university?
>
>9) How many ransomware attacks has your university encountered?
>(Please base your answer between September 2016 - December 2017.)
>A) - Under 25 attacks
>B) - 25 - 50 attacks
>C) - 50 - 75 attacks
>D) - 75 - 100 attacks
>E) - Over 100 attacks
>
>10) When a Ransomware attack was triggered, how quickly was it resolved?
>A) - Resolved Immediately
>B) - Resolved within and under 24 hours
>C) - Resolved between 1 - 2 days
>D) - Resolved after 3 or more days
>
>11) Considering that ransomware affects the availability of a system or systems,
>please describe the impact that ransomware has had on your university
>institution.
>
>12) How many SQL injection attacks has your university encountered?
>(when contemplating the number of attacks, please include attempted attacks
>and unfortunate successful attacks and Please base your answer between
>September 2016 - December 2017.)
>
>A) - Under 100 attacks
>B) - 100 - 200 attacks
>C) - 200 - 300 attacks
>D) - 300 - 400 attacks
>E) - Over 400 attacks
>
>13) What impact has SQL injection attacks had on your university?
>
>14) How many rootkit attacks has your university encountered?
>A) - Under 5 attacks
>B) - 5 - 10 attacks
>C) - 10 - 20 attacks
>D) - Over 20 attacks
>
>15) What impact has rootkit attacks had on your university?
>
>16) When considering the different types of cyber-attacks, that many university
>institutions are targeted with, how would you class your current and existing
>security controls?
>A) - Inadequate
>B) - Good
>C) - Adequate
>D) - Excellent
>
>17) Do you believe your existing and current IT infrastructure will protect you from
>cyber-attacks that may occur in the next 18 months?
>A) - Yes
>B) - No
>
>18) Should more funding be given to IT Security to help improve and maintain the
>current security that is already in place within your university institution?
>A) - Yes
>B) - No
>
>Yours faithfully,
>Jordan Gifford
>
>-------------------------------------------------------------------
>
>Please use this email address for all replies to this request:
>[FOI #461830 email]
>
>Is [Newcastle University request email] the wrong address for Freedom of Information requests to
>Newcastle University? If so, please contact us using this form:
>https://www.whatdotheyknow.com/change_re...
>rsity
>
>Disclaimer: This message and any reply that you make will be published on the
>internet. Our privacy and copyright policies:
>https://www.whatdotheyknow.com/help/offi...
>
>For more detailed guidance on safely disclosing information, read the latest advice
>from the ICO:
>https://www.whatdotheyknow.com/help/ico-...
>
>Please note that in some cases publication of requests and responses will be
>delayed.
>
>If you find this service useful as an FOI officer, please ask your web manager to link
>to us from your organisation's FOI page.
>
>
>-------------------------------------------------------------------

hide quoted sections

Dear Mr Gifford
 
Thank you for your request for information, which we received on 1
February 2018 and have processed under the Freedom of Information Act 2000
(“FOIA”). I apologise for the delay in responding.
 
As permitted by the exemption at section 31(3) of FOIA, I can neither
confirm nor deny that the requested information is held by the University,
since to do so would prejudice the detection of crime by allowing
attackers to judge the efficacy or otherwise of any such action. The
exemption at section 31 is, however, qualified and subject to the public
interest test. Whilst there is an accepted public interest in access to
information held by a public authority, the public interest in the
effective detection of crime is extremely high. The University’s IT
systems are used for a number of purposes and the impact of a successful
attack on both individuals and businesses would be great. It is my
opinion, therefore, that the public interest in maintaining the exemption
above outweighs that in confirming or denying whether the information is
held.
 
If you are unhappy with the way we have handled your request you can ask
for an internal review. Details of how to do this can be found at:
[1]http://www.ncl.ac.uk/foi/access/complain...
 
If you are not happy with the outcome of the internal review, you then
have the right to apply directly to the Information Commissioner's Office
for a decision. Details of how to do this can be found at:
[2]http://ico.org.uk/concerns
 
Yours sincerely,
 
Ben Heathcote
Information Security Officer (Compliance)
Information Security & Governance Team
IT Service
Newcastle University
NE1 7RU
 
Telephone: 0191 208 6950
Email: [3][email address]
 
 
 

References

Visible links
1. http://www.ncl.ac.uk/foi/access/complain...
2. http://ico.org.uk/concerns
3. mailto:[email address]