FOI2022/00043: Ransomware Survey
Case reference FOI2022/00043
Published 3 May 2022
Request
Request Received: 4 February 2022
I'm developing a ransomware toolkit. The purpose of the toolkit is to provide organisations with recommendations (prevention and detection techniques and response strategies) to avoid or reduce the impact of ransomware attacks. I'm reaching out to you to ask if you would be willing to share (on a completely anonymous basis) any useful information relating to any ransomware attempts or attacks. Specifically, it would be incredibly helpful if you could share:
1. The root cause of the ransomware attacks (or attempts)
2. Any possible lessons learned from the ransomware attack
3. Any positive strategies you employed before or during that helped to reduce the impact of the attack
4. How did the organisation respond to the ransomware attack?
5. Has the organisation employed any new defensive strategies/techniques after the ransomware attack with the intention of improving security against ransomware attacks
6. Has the organisation developed any new response strategies for ransomware attacks
The toolkit I'm developing contains a series of questions to determine how holistic and robust an organisation's defense is against ransomware. Based on the answers to the questions, the toolkit provides a series of specific recommendations for improvement. I would be grateful if you could comment on whether or not such a toolkit would be of value to your organisation.
The main reason I'm asking for this information is to gather real world data on ransomware attacks, to allow me to evidence the potential effectiveness of the toolkit. Information that is used in my honours project, the respondent's details will be anonymised. Any information you are willing to divulge is greatly appreciated.
Response
Response Sent: 17 February 2022
Full details of this response are provided in the attached document.
Documents
This is UK Research and Innovation's response to a freedom of information (FOI) or environmental information regulations (EIR) request.
You can browse our other responses or make a new FOI request.