Skip to main content
Menu

Blocked emails (2021)

Request

The number of suspected malicious emails blocked by your organisation over to date in 2021, broken down by month (January - April 2021).
Could you please categorise each as e.g. spam, phishing, malware etc

 

Response

Whilst the House of Commons and the House of Lords are two separate public authorities in accordance with the Freedom of Information Act 2000 (FOIA), the Parliamentary Digital Service (PDS) is a joint, bicameral service providing information and communications technology services for both Houses of Parliament. The information below therefore covers both Houses and the whole of the parliamentary network.

This information is held by the House of Commons. The number of emails blocked between 1 January and 30 April 2021 was 4,050,841.

We also hold this information broken down by month and by the category of threat. However, we believe that disclosing this level of detail would undermine the cyber security of the parliamentary network. It would reveal information about our cyber security operations and network set-up which would be useful to potential cyber-attackers. We have therefore withheld this information in accordance with sections 31(1)(a) and (b) as well as section 24(1) FOIA. These are qualified exemptions and require a public interest test to be performed, as follows.

Section 31(1)(a) and (b) – Law enforcement

The Parliamentary Digital Service is aware of the increasing threat of cyber-crime to organisations, especially including high-profile organisations like the Parliament. With this in mind, we consider that disclosure of a breakdown of blocked emails either by month or by type of threat would prejudice the prevention and detection of crime (including cyber-crime) and also the apprehension and prosecution of offenders. Therefore, this information is exempt by virtue of section 31(1)(a) and (b) FOIA. This is a qualified exemption and the public interest test applies.
We accept there is a legitimate public interest in the effectiveness of measures being employed to keep the parliamentary network safe and secure. This is especially important given that this infrastructure is maintained using public funds and is used by elected representatives to perform public duties.
However, this is outweighed by the risks of criminal activity being undertaken if the information was disclosed. The release of this material could provide valuable information to those wishing to launch a cyber-attack against the House of Commons. Knowledge of the number of blocked emails by month or of what types of threat are blocked and in what numbers would allow potential cyber-attackers to build up a picture of our capability and capacity in this area. It could provide those groups or individuals with an indication of where to focus their efforts when targeting our systems. Groups planning attacks are known to conduct extensive research and will take advantage of the ‘mosaic effect’ by combining information from different sources. If this information were to be combined with other information already in the public domain or obtained from elsewhere, the disclosure of it could assist in mounting an effort to breach or bypass cyber security measures, with serious consequences.
In these circumstances it is our view that the public interest in maintaining the exemption outweighs the public interest in disclosing the information.

Section 24(1) – National security

In addition to the increased threats and incidents of cyber-crime, national security is also increasingly under threat from those organisations and individuals who seek to use technology to disrupt the workings of government. To limit these risks, we are also withholding the information for the purpose of safeguarding national security. This information is therefore also exempt by virtue of section 24(1) FOIA. This is a qualified exemption and the public interest test applies.
Again, we accept there is a legitimate public interest in the effectiveness of measures being employed to keep the parliamentary network safe and secure. This is especially important given that this infrastructure is maintained using public funds and is used by elected representatives to perform public duties.
However, we consider that it is not in the wider public interest to disclose this information because, as well as the risk posed to the security of the parliamentary network, there is also a risk of national security being compromised. Knowledge of the number of blocked emails by month or of what types of threat are blocked and in what numbers would allow potential cyber-attackers to build up a picture of our capability and capacity in this area. It could provide those groups or individuals with an indication of where to focus their efforts when targeting our systems. Groups planning attacks are known to conduct extensive research and will take advantage of the ‘mosaic effect’ by combining information from different sources. If this information were to be combined with other information already in the public domain or obtained from elsewhere, the disclosure of it could assist in mounting an effort to breach or bypass cyber security measures, with serious consequences. As Parliament is an essential part of the UK’s system of government and these security measures also protect the proper functioning of Government and the work of Ministers in Parliament, the disclosure of this information may also compromise national security.
In these circumstances it is our view that the public interest in maintaining the exemption outweighs the public interest in disclosing the information.