| Case Number | 8156 |
| Request Date | 31/08/2021 |
| Completion Date | 20/09/2021 |
Details of the Request
1. In the past three years has your organisation:
- Had any ransomware incidents? (An incident where an attacker attempted to, or successfully, encrypted a computing device within your organisation with the aim of extorting a payment or action in order to decrypt the device?) If yes, how many?
- Had any data rendered permanently inaccessible by a ransomware incident (i.e. some data was not able to be restored from back up.)
- Had any data rendered permanently inaccessible by a systems or equipment failure (i.e. some data was not able to be restored from back up.)
- Paid a ransom due to a ransomware incident / to obtain a decryption key or tool? If yes was the decryption successful, with all files recovered?
- Used a free decryption key or tool (e.g. from https://www.nomoreransom.org/)? If yes was the decryption successful, with all files recovered?
- Had a formal policy on ransomware payment? If yes please provide, or link, to all versions relevant to the 3 year period.
- Held meetings where policy on paying ransomware was discussed?
- Paid consultancy fees for malware, ransomware, or system intrusion investigation. If yes at what cost in each year?
- Used existing support contracts for malware, ransomware, or system intrusion investigation?
- Requested central government support for malware, ransomware, or system intrusion investigation?
- Paid for data recovery services? If yes at what cost in each year?
Details of the Response
1. In the past three years has your organisation:
| a. | Had any ransomware incidents? (An incident where an attacker attempted to, or successfully, encrypted a computing device within your organisation with the aim of extorting a payment or action in order to decrypt the device? ) | No |
| b. | Had any data rendered permanently inaccessible by a ransomware incident (i.e. some data was not able to be restored from back up.) | N/A |
| c. | Had any data rendered permanently inaccessible by a systems or equipment failure (i.e. some data was not able to be restored from back up.) | N/A |
| d. | Paid a ransom due to a ransomware incident / to obtain a decryption key or tool? | N/A |
| e. | Used a free decryption key or tool (e.g. from https://www.nomoreransom.org/)? | N/A |
| f. | Had a formal policy on ransomware payment? | No |
| g. | Held meetings where policy on paying ransomware was discussed? | No |
| h. | Paid consultancy fees for malware, ransomware, or system intrusion investigation | No |
| i. | Used existing support contracts for malware, ransomware, or system intrusion investigation? | Yes |
| j. | Requested central government support for malware, ransomware, or system intrusion investigation? | No |
| k. | Paid for data recovery services? | No |
| l. | Used existing contracts for data recovery services? | No |
| m. | Replaced IT infrastructure such as servers that have been compromised by malware? | No |
| n. | Replaced IT endpoints such as PCs, Laptops, Mobile devices that have been compromised by malware? | No |
| o. | Lost data due to portable electronic devices being mislaid, lost or destroyed? | 2020 = 1 incident |
2. Does your organisation use a cloud based office suite system such as Google Workspace (Formerly G Suite) or Microsoft’s Office 365?
Yes
a. If yes is this system’s data independently backed up, separately from that platform’s own tools?
No
3. Is an offsite data back-up a system in place for the following? (Offsite backup is the replication of the data to a server which is separated geographically from the system’s normal operating location site.)
a. Mobile devices such as phones and tablet computers N/A b. Desktop and laptop computers N/A c. Virtual desktops Yes d. Servers on premise Yes e. Co-located or hosted servers Yes f. Cloud hosted servers Yes g. Virtual machines No h. Data in SaaS applications No i. ERP / finance system N/A j. We do not use any offsite back-up systems
4. Are the services in question 3 backed up by a single system or are multiple systems used?
Multiple
5. Do you have a cloud migration strategy?
Yes
If so is there specific budget allocated to this?
No
6. How many Software as a Services (SaaS) applications are in place within your organisation?
1
a. How many have been adopted since January 2020?
1
