I am requesting information about all cyber attacks reported to your force.
By “cyber attack” I mean the unauthorised access to or deliberate disruption of a computer system or device which is a crime under the Computer Misuse Act 1990.
1) How many separate reports of cyber attacks on
a. local authorities or government departments
b. local hospitals or NHS departments
c. local schools, academies or universities
has your force have received in the last five years since 1 January 2010?
2) For each separate report of an attack, please provide the name of the
a. local authority or government department
b. local hospital or NHS department
c. local school, academy or university
that was attacked, as well as
d. the date the attack was reported
e. the type of attack.
f. the type of data accessed
3) For each separate report of an attack, please provide the current status of the case/investigation.
The Freedom of Information Act places two responsibilities on public authorities, the first of which is to confirm what information it holds and secondly to then disclose that information, unless exemptions apply.
In this case, this letter represents a Refusal Notice for the information that is not being released. The information is exempt by virtue of the following exemptions
S30(1)(a) – Investigations
These exemptions and explanatory notes are shown here:
In line with the above, I am required to complete a Prejudice Test/Public Interest Test (PIT) on disclosure. Please find this PIT below.
Factors favouring disclosure
The disclosure of information would provide an insight into the police service and enable the public to have better understanding of the effectiveness of the police. Disclosure of information could allow the public to make informed decisions about how the police investigate cyber crime. Where public funds are being spent, there is a public interest in accountability and justifying the use of public money.
Factors against disclosure
The disclosure of information in relation to specific reported cyber crime incidents would hinder the prevention or detection of crime. West Midlands Police would not wish to reveal details about cyber crimes that have been used to target government, schools and other authorities as this would clearly undermine the law enforcement and investigative process. The details will form part of an investigation which may still be ongoing and could undermine the effectiveness of the investigations. The disclosure would identity which cyber attacks had been reported and which others had not been detected. This would undermine the ongoing investigations and potentially any others in the future.
The effectiveness of investigations and the intelligence they provide is of paramount importance and the Police service will not divulge details that would compromise ongoing investigations.
Whilst there is a public interest in the transparency of policing operations and providing assurance that the police service is appropriately and effectively engaging with the threat posed by various groups or individuals there is a very strong public interest in safeguarding the integrity of police investigations and operations.
As much as there is public interest in knowing that policing activity is appropriate and balanced this will only be overridden in exceptional circumstances. Identifying investigative information around cyber crime would undermine any current investigations and any that may occur in the future. It is therefore vitally important that this information is not disclosed.