FOI release

FOI2022/00043: Ransomware Survey

This request was refused in full, so we didn't provide the information the requester asked for. This may include information where we can neither confirm nor deny that we hold it.

Case reference FOI2022/00043

Published 3 May 2022

Request

Request Received: 4 February 2022

I'm developing a ransomware toolkit. The purpose of the toolkit is to provide organisations with recommendations (prevention and detection techniques and response strategies) to avoid or reduce the impact of ransomware attacks. I'm reaching out to you to ask if you would be willing to share (on a completely anonymous basis) any useful information relating to any ransomware attempts or attacks. Specifically, it would be incredibly helpful if you could share:

1. The root cause of the ransomware attacks (or attempts)

2. Any possible lessons learned from the ransomware attack

3. Any positive strategies you employed before or during that helped to reduce the impact of the attack

4. How did the organisation respond to the ransomware attack?

5. Has the organisation employed any new defensive strategies/techniques after the ransomware attack with the intention of improving security against ransomware attacks

6. Has the organisation developed any new response strategies for ransomware attacks

The toolkit I'm developing contains a series of questions to determine how holistic and robust an organisation's defense is against ransomware. Based on the answers to the questions, the toolkit provides a series of specific recommendations for improvement. I would be grateful if you could comment on whether or not such a toolkit would be of value to your organisation.

The main reason I'm asking for this information is to gather real world data on ransomware attacks, to allow me to evidence the potential effectiveness of the toolkit. Information that is used in my honours project, the respondent's details will be anonymised. Any information you are willing to divulge is greatly appreciated.

Response

Response Sent: 17 February 2022

Full details of this response are provided in the attached document.

Documents

• FOI_Response_Letter_FOI2022_00043_Redacted.pdf (289.3 KB)

This is UK Research and Innovation's response to a freedom of information (FOI) or environmental information regulations (EIR) request.

You can browse our other responses or make a new FOI request.