- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
UK Government Staff Hit with Billions of Malicious Emails in 2021
UK government employees are targeted with billions of malicious emails every year and may have clicked on tens of thousands of suspicious links, according to Comparitech.
The tech comparison firm received answers from 260 government organizations to which it submitted freedom of information (FOI) requests.
From these, it then calculated that 764,331 government employees ‘received’ a total of nearly 2.7 billion malicious emails in 2021 – amounting to an average of 2399 each. It’s unclear how many of these actually made it into inboxes.
On average, 0.32% of malicious emails were opened by staff in 2021, and 0.67% of these incidents resulted in employees clicking through on potentially malicious links, the report claimed.
Comparitech calculated that this could mean as many as 57,736 suspicious links were clicked on last year by UK government employees. However, many of the 2.7 billion emails it extrapolated this figure from may have been blocked outright, which would significantly reduce that click-through number.
In fact, it admitted that higher figures for malicious emails ‘received’ don’t necessarily mean the departments in question are bigger targets for hackers, but rather it could be that their systems are better at filtering out suspect messages.
When assessed per employee, it appears that NHS Digital recorded the highest number of malicious emails for 2021 (89,353), followed by the government of Northern Ireland (34,561) and the Financial Reporting Council (25,992).
Elsewhere, the researchers’ attempts to better understand the ransomware threat to the government were limited by a lack of transparency from respondents.
“In 2021, one government department revealed it had detected 97 ransomware attacks in just 30 days (none of which were successful),” explained Comparitech’s Paul Bischoff.
“Seventy-one government departments were also happy to report that they hadn’t suffered a ransomware attack in 2021 (the remainder – 187 – didn’t disclose whether they had or not). Only two government organizations revealed that they had suffered a successful ransomware attack in 2021.”
Infosecurity has asked for more clarity on the report’s methodology.