- Does your organisation keep an incident log of cyber-attacks?
A log of successful attacks and specific threats is held
2. How many cyber-attacks – attempted and successful – were recorded against your organisation in the last three financial years, year-by-year (i.e. 2014/15, 2015/16, 2016/17)?
2014/15- One
2015/16-One
2016/17-One
3. Where cyber-attacks were successful, what kind of data and what amount of data, if any, was lost or stolen? Was it confidential?
No data was lost or stolen
4. For each case, please confirm: – the type of attack (e.g. ransom ware, denial of service etc.)
2014/15-Denial of service attack on website hosted by a third party
2015/16-Virus infection affecting one department only
2016/17-Ransomware- though not directly affected one of our third party suppliers was affected and a number of PCs supported by them were subsequently affected
5. What demand, if any, was made to resolve the attack? Did the organisation comply?
Not applicable
6. Whether the attack was reported to police or other responsible authority? Was the attacker traced/convicted?
Not applicable