Number of cryptoware attacks

keith taynton made this Freedom of Information request to Transport for London

This request has been closed to new correspondence. Contact us if you think it should be reopened.

The request was refused by Transport for London.

Please state how many times software files have been encrypted by "cryptoware" or ransomware that infects a machine and encrypts files.

State how many times you have paid ransoms to unencrypt the files

State the total cost of these ransoms, if any

FOI, Transport for London

Dear Mr Taynton

 

Our ref:  FOI-1994-1516

 

Thank you for your email received on 25 January 2016 asking for
information about cryptoware attacks.

 

Your request will be processed in accordance with the requirements of the
Freedom of Information Act and our information access policy.

 

A response will be provided to you by 22 February 2016. We publish a
substantial range of information on our website on subjects including
operational performance, contracts, expenditure, journey data, governance
and our financial performance. This includes data which is frequently
asked for in FOI requests or other public queries. Please check
[1]http://www.tfl.gov.uk/corporate/transpar... to see if this helps you.

 

In the meantime, if you would like to discuss this matter further, please
do not hesitate to contact me.

 

Yours sincerely

 

Graham Hurt

FOI Case Officer

FOI Case Management Team

General Counsel

Transport for London

 

show quoted sections

 

References

Visible links
1. http://www.tfl.gov.uk/corporate/transpar...
2. http://www.tfl.gov.uk/corporate/about-tfl/

FOI, Transport for London

1 Attachment

Dear Mr Taynton

 

Our ref: FOI-1994-1516

 

Thank you for your email received on 25 January 2016 asking for
information about cryptoware attacks.

 

Your request has been considered under the requirements of the Freedom of
Information Act 2000 and our information access policy. We do hold the
information you require.

 

However, in accordance with the FOI Act we are not obliged to supply this
information as it is subject to a statutory exemption to the right of
access to information under section 31(1) (Prevention and detection of
crime).

 

In this instance the exemption applies as disclosure of the information
you have requested would describe the success or failure of attempts by
persons unknown to unlawfully access or disrupt our information networks,
which are critical to the operation of London’s transport system. The
London transport system is a critical piece of national infrastructure and
as such we employ rigorous safeguards to protect it from such attacks.
Like other organisations we are subject to regular attempted cyber
attacks. These attacks are unlawful under the Computer Misuse Act, and
whilst the motive is not always apparent, we are aware of the risk to
critical national infrastructure that may result from a successful attack.

 

We consider that releasing information about the type of attacks that we
are able to detect would be likely to prejudice our efforts to prevent and
detect future attacks and undermine our ability to safeguard the London
transport network.

 

The use of these exemptions is subject to an assessment of the public
interest in relation to the disclosure of the information concerned.  We
recognise the need for openness and transparency by public authorities,
but in this instance we consider that there is greater public interest in
safeguarding our information systems and protecting the integrity of the
London transport network.

 

Please see the attached information sheet for details of your right to
appeal.

 

Yours sincerely

 

Graham Hurt

 

FOI Case Officer

FOI Case Management Team

General Counsel

Transport for London

 

 

show quoted sections