Please find below my FOI request regarding malicious emails sent to the council.
The date range for the requests is from 2018 to present day. The data shall include a breakdown by year.
1. How many malicious emails (e.g. phishing emails) have been successfully blocked?
2. What percentage of malicious emails were opened by staff?
3. What percentage of malicious links in the emails were clicked on by staff?
4. How many ransomware attacks were blocked?
5. How many ransomware attacks were successful?
Devon County Council can confirm that we hold the information you have requested. However, we consider this information is exempt from disclosure on the grounds that the law enforcement exemption at Section 31(1)(a) of the Freedom of Information Act 2000 applies.
The Council is concerned that releasing the information you have requested, would reveal intelligence about our cyber security posture. If this information were to be released into the public domain, the Council considers it likely that cyber threat actors would use this intelligence to leverage cyber-attacks against our infrastructure. This may then lead to an increase in the number of phishing and ransomware attacks our organisation faces.
Whilst the Council is mindful that there is a general public interest in openness and transparency regarding the IT security arrangements of local government organisations, we recognise that local and national government institutions are seeing an increase in the number of targeted cyber-attacks from various national and international sources. As such, we do not consider that there is a public interest in releasing information that might increase the number of these attacks that our organisation may face. We consider that there is a stronger public interest in the council working to uphold of confidentiality, integrity and availability of our IT infrastructure. For this reason we consider that the balance of public interest is best served by refusing this request at this time.