Malicious email volume

The request was refused by Norfolk County Council.

Dear Norfolk County Council,

Please find below my FOI request regarding malicious emails sent to the council.

The date range for the requests is from 2018 to present day. The data shall include a breakdown by year.

1. How many malicious emails (e.g. phishing emails) have been successfully blocked?
2. What percentage of malicious emails were opened by staff?
3. What percentage of malicious links in the emails were clicked on by staff?
4. How many ransomware attacks were blocked?
5. How many ransomware attacks were successful?

Yours faithfully,
Rebecca Moody

Freedom of Information, Norfolk County Council

Dear Rebecca Moody

Freedom of Information Act 2000/Environmental Information Regulations 2004 Information Request ENQ-525165-Z0G3S0

Thank you for your request for information received on 15/11/2021 .

We have up to 20 working days in which to deal with your request.

If we require clarification of your request we will contact you to explain this, and the 20 working-day period will then start from the day that we receive your clarification.

We will inform you in advance if there is a charge for supplying copies of any information, and we will provide an explanation if any information which we hold is not released to you.

If the requested information contains references to any third parties, we may need to seek their views before we can decide whether or not to release the information to you. In such cases we will not share your own personal details with third parties.

Should you have any queries regarding your request, please contact the team by email at [Norfolk County Council request email] or by telephone on 01603 222661.

Yours sincerely

Information Governance
Strategy and Transformation Directorate
Tel: 01603 222 661
Bay 9, South Wing, Ground Floor
County Hall, Martineau Lane, Norwich, NR1 2DH

show quoted sections

Freedom of Information, Norfolk County Council

6 Attachments

Dear Ms Moody,

 

Freedom of Information Request ENQ- 525165-Z0G3S0

 

I refer to your request for information dated 15 November 2021.

 

You asked:

 

The date range for the requests is from 2018 to present day. The data
shall include a breakdown by year.

 

1. How many malicious emails (e.g. phishing emails) have been successfully
blocked?

2. What percentage of malicious emails were opened by staff?

3. What percentage of malicious links in the emails were clicked on by
staff?

4. How many ransomware attacks were blocked?

5. How many ransomware attacks were successful?

 

Our response:

         

Your request has been considered and is refused.  In accordance with the
Freedom of Information Act 2000 (the Act), this letter acts as a Refusal
Notice.

 

Section 31 (1)(a) of the Act provides a qualified exemption for the
release of information if its disclosure would, or would be likely to,
prejudice the prevention or detection of crime.

 

Reason why the exemptions apply

 

The exemption applies because to disclose this information into the public
domain may place the County Council at risk of attempts to hack or
compromise security. This would increase the risk of being a target for
criminal behaviour, such as cyber-attacks, accessing systems information
or theft. 

 

Public Interest Test Reasons

 

The Council has considered whether the public interest is maintaining the
exemptions is outweighed by the public interest in disclosure.

 

This Council has considered the following reasons in favour of disclosure:

o Promoting accountability and transparency by public authorities for
decisions taken by them.

 

Balanced against this are the following reasons against disclosure

o Releasing this information will identify potential security
information which would make the County Council more vulnerable to
crime and may attract criminal behavior.

On balance the Council considers that the risks from disclosure are such
that the public interest in maintaining the exemption outweighs that of
disclosure.

 

If you are dissatisfied with our handling of your request you have the
right of appeal through the Council’s internal review procedure by setting
out the grounds of your appeal in writing to:

 

[1][Norfolk County Council request email]

or Information Compliance Team

County Hall

Martineau Lane

Norwich

NR1 2DH

 

An appeal should be submitted within 40 working days of the date of this
notice and should be identified as "FOI Appeal".

 

If you are dissatisfied after pursuing the complaints procedure, you may
apply to the Information Commissioner under Section 50 of the Act for a
decision whether your request for information has been dealt with in
accordance with the requirements of Part I of the Act.  Refer to the ICO
Website at: [2]https://ico.org.uk/concerns/ for advice on how to report a
concern.  Or you can write to them at:

 

First Contact Team

Information Commissioner's Office

Wycliffe House

Water Lane, Wilmslow

Cheshire

SK9 5AF

 

Yours sincerely,

Information Compliance Officer

Strategy and Transformation

Dept: 01603 222661

County Hall

[3]Norfolk County Council[4]    [5]Twitter[6] [7]Facebook[8] [9]Web

 

[10]Campaign Logo

 

show quoted sections

Good afternoon,

Please could you provide an update on my FOI request sent on 11th November?

Yours faithfully,
Rebecca

Good afternoon,

Thank you for your prompt response to my FOI request. While I appreciate your refusal to provide the information, we have submitted this FOI request to a large number of government agencies, many of whom have provided us with data.

Would you consider submitting data for question 1 (How many malicious emails have been successfully blocked?) alone? Every organization receives malicious emails, therefore, we don't feel this would fall within the sections you quoted (cybercriminals won't know how many, if any, of these emails are successful and, therefore, have no information on how successful your cybersecurity systems are).

Yours sincerely,
Rebecca

My apologies, the request was sent on 15th November.

Thank you,
Rebecca

Freedom of Information, Norfolk County Council

1 Attachment

  • Attachment

    Re ENQ 525165 Z0G3S0 Freedom of Information request Malicious email volume.txt

    6K Download View as HTML

Dear Rebecca,

 

Thank you for your below and attached emails. We don't appear to have
previously received your email asking for re-consideration of the response
to question 1  - where you have copied this there is no date indicated in
terms of when you originally sent that email to us?

 

In the circumstances, with your consent I would like to treat your further
enquiry as an appeal against the original position taken in relation to
that specific question. As you have made reference to other public
authorities providing some relevant information, and stated some grounds
for questioning our position in relation to that particular question, I
believe that constitutes an appeal if you are in agreement with that
approach?

 

If you could please confirm your consent, I will undertake an internal
review of the original response, specifically in relation to question 1,
on the basis of your further representations as copied in italics below:

 

Thank you for your prompt response to my FOI request. While I appreciate
your refusal to provide the information, we have submitted this FOI
request to a large number of government agencies, many of whom have
provided us with data. Would you consider submitting data for question 1
(How many malicious emails have been successfully blocked?) alone? Every
organization receives malicious emails, therefore, we don't feel this
would fall within the sections you quoted (cybercriminals won't know how
many, if any, of these emails are successful and, therefore, have no
information on how successful your cybersecurity systems are).

 

Whilst we genuinely do not appear to have received your further
representations until receiving the below and attached, as you have
repeated it in your attached follow-up email on 31 December 2021, I will
take that date (31/12/2021) as being the date of your appeal.

 

Please would you confirm that you are happy for me to proceed on the above
basis?

 

Many thanks

 

Information Compliance Manager (FOI Lead)

Information Governance

Insight & Analytics, Strategy & Transformation

Tel: 01603 222661

County Hall

[1]Norfolk County Council   [2]Twitter[3]Facebook[4]Web

 

show quoted sections

Freedom of Information, Norfolk County Council

1 Attachment

  • Attachment

    Re ENQ 525165 Z0G3S0 Freedom of Information request Malicious email volume.txt

    6K Download View as HTML

Dear Rebecca,

 

As you did not respond to my below email I sought further feedback from
our IMT department rather than undertaking a full internal review at this
time.

 

I have been advised that the council’s position remains the same in
relation to providing any detail relating to cyber-attacks. Whilst details
of the number of malicious emails successfully blocked may seem low risk,
we cannot anticipate how details may be perceived when compared to other
organisations. Should there be a perception (whether accurate or not) that
any organisation is blocking a smaller number than others, that would
likely make them a higher target, therefore creating a greater potential
risk to that organisation from cyber-attack.

 

You remain at liberty to request a formal internal review if you remain of
the view that the council has not complied with the requirements of the
Act. Please let me know if you do now wish to initiate a formal appeal.

 

Yours sincerely

 

Information Compliance Manager (FOI Lead)

Information Governance

Insight & Analytics, Strategy & Transformation

Tel: 01603 222661

County Hall

[1]Norfolk County Council   [2]Twitter[3]Facebook[4]Web

 

From: Freedom of Information
Sent: 05 January 2022 11:03
To: [FOI #807209 email]
Subject: ENQ-525165-Z0G3S0 Freedom of Information request - Malicious
email volume

 

Dear Rebecca,

 

Thank you for your below and attached emails. We don't appear to have
previously received your email asking for re-consideration of the response
to question 1  - where you have copied this there is no date indicated in
terms of when you originally sent that email to us?

 

In the circumstances, with your consent I would like to treat your further
enquiry as an appeal against the original position taken in relation to
that specific question. As you have made reference to other public
authorities providing some relevant information, and stated some grounds
for questioning our position in relation to that particular question, I
believe that constitutes an appeal if you are in agreement with that
approach?

 

If you could please confirm your consent, I will undertake an internal
review of the original response, specifically in relation to question 1,
on the basis of your further representations as copied in italics below:

 

Thank you for your prompt response to my FOI request. While I appreciate
your refusal to provide the information, we have submitted this FOI
request to a large number of government agencies, many of whom have
provided us with data. Would you consider submitting data for question 1
(How many malicious emails have been successfully blocked?) alone? Every
organization receives malicious emails, therefore, we don't feel this
would fall within the sections you quoted (cybercriminals won't know how
many, if any, of these emails are successful and, therefore, have no
information on how successful your cybersecurity systems are).

 

Whilst we genuinely do not appear to have received your further
representations until receiving the below and attached, as you have
repeated it in your attached follow-up email on 31 December 2021, I will
take that date (31/12/2021) as being the date of your appeal.

 

Please would you confirm that you are happy for me to proceed on the above
basis?

 

Many thanks

 

Information Compliance Manager (FOI Lead)

Information Governance

Insight & Analytics, Strategy & Transformation

Tel: 01603 222661

County Hall

[5]Norfolk County Council   [6]Twitter[7]Facebook[8]Web

 

show quoted sections