Cyber attacks - 517/15
Dated: 23 Jun 2015
Date of request: 27/05/15
Date of response: 23/06/15
Provision of information held by Northumbria Police made under the Freedom of Information Act 2000 (the 'Act')(FOIA)
Thank you for your email dated 27 May 2015 in which you made a request for access to certain information which may be held by Northumbria Police.
As you may be aware the purpose of the Act is to allow a general right of access to information held by a Public Authority (including the Police), subject to certain limitations and exemptions.
I am requesting information about all cyber attacks reported to your force.
By "cyber attack" I mean the unauthorised access to or deliberate disruption of a computer system or device which is a crime under the Computer Misuse Act 1990.
1) How many separate reports of cyber attacks on
a. local authorities or government departments
b. local hospitals or NHS departments
c. local schools, academies or universities
has your force have received in the last five years since 1 January 2010?
2) For each separate report of an attack, please provide the name of the
a. local authority or government department
b. local hospital or NHS department
c. local school, academy or university
that was attacked, as well as
d. the date the attack was reported
e. the type of attack.
f. the type of data accessed
3) For each separate report of an attack, please provide the current status of the case/investigation.
We have now had the opportunity to fully consider your request and I provide a response for your attention.
Following receipt of your request, searches were conducted with the Corporate Development Department of Northumbria Police. I can confirm that the information you have requested is held by Northumbria Police.
I am able to disclose the located information to you as follows.
The information provided has been obtained by searching NPICCS for the period 01/01/2010 to 31/12/20104 using the home office codes that refer to the Computer Misuse Act 1990 (053/54, 053/34, 053/35 and 053/55).
The information requested at points 2 and 3 will not be disclosed as the following exemption applies
Section 30 is a qualified class based exemption which requires we identify the harm and carry out a public interest test.
Disclosures under Freedom of Information are disclosures to the public at large, not just the individual making the request.
To disclose the names of establishments which had reported cyber attacks, together with the dates, type of attack and type of data accessed would identify potentially vulnerable targets, especially if a certain authority had been subject to an attack more than once.
Disclosure of the status of the investigations would be harmful to any investigations which are ongoing. Using that information in conjunction with other information disclosed in this request would reveal to those who committed the offences whether police were monitoring a case, or
if it were confirmed a case was closed pending further evidence, then this would identify to the offenders that the police are not currently reviewing the case.
Factors favouring disclosure
The disclosure of information would provide an insight into the police service and enable the public to have better understanding of the effectiveness of the police. Disclosure of information could allow the public to make informed decisions about how the police investigate cyber crime. Where public funds are being spent, there is a public interest in accountability and justifying the use of public money.
Factors against disclosure
The disclosure of information in relation to specific reported cyber crime incidents would hinder the prevention or detection of crime. Northumbria Police would not wish to reveal details about cyber crimes that have been used to target government, schools and other authorities as this would clearly undermine the law enforcement and investigative process. The details will form part of an investigation which may still be ongoing and could undermine the effectiveness of the investigations. The disclosure would identity which cyber attacks had been reported and which others had not been detected. This would undermine the ongoing investigations and potentially any others in the future.
The effectiveness of investigations and the intelligence they provide is of paramount importance and the Police service will not divulge details that would compromise ongoing investigations.
Whilst there is a public interest in the transparency of policing operations and providing assurance that the police service is appropriately and effectively engaging with the threat posed by various groups or individuals there is a very strong public interest in safeguarding the integrity of police investigations and operations.
As much as there is public interest in knowing that policing activity is appropriate and balanced this will only be overridden in exceptional circumstances. Identifying investigative information around cyber crime would undermine any current investigations and any that may occur in the future. It is therefore vitally important that this information is not disclosed.
In some cases such reports will be made directly to the National Fraud Intelligence Bureau they may hold further relevant information about this subject, their site has a statistics section which may be useful to you. We have provided the relevant link below
Due to the different methods of recording information across 43 forces, a specific response from one constabulary should not be seen as an indication of what information could be supplied (within cost) by another. Systems used for recording these figures are not generic, nor are the procedures used locally in capturing the data. For this reason responses between forces may differ, and should not be used for comparative purposes.
The information we have supplied to you is likely to contain intellectual property rights of Northumbria Police. Your use of the information must be strictly in accordance with the Copyright Designs and Patents Act 1988 (as amended) or such other applicable legislation. In particular, you must not re-use this information for any commercial purpose.
How to complain
If you are unhappy with our decision or do not consider that we have handled your request properly and we are unable to resolve this issue informally, you are entitled to make a formal complaint to us under our complaints procedure which can be found at: http://www.northumbria.police.uk/foi/disclosurelog/foicomprights.asp
If you are still unhappy after we have investigated your complaint and reported to you the outcome, you may complain directly to the Information Commissioner’s Office and request that they investigate to ascertain whether we have dealt with your request in accordance with the Act.