- ITDM 2025 전망 | “비전을 품은 기술 투자, 모두가 주춤한 시기에 진가 발휘할 것” 컬리 박성철 본부장
- 최형광 칼럼 | 2025 CES @혁신기술 리터러시
- The Model Context Protocol: Simplifying Building AI apps with Anthropic Claude Desktop and Docker | Docker
- This robot vacuum and mop performs as well as some flagship models - but at half the price
- Finally, a ThinkPad model that checks all the boxes for me as a working professional
UK Government Staff Hit with Billions of Malicious Emails in 2021
UK government employees are targeted with billions of malicious emails every year and may have clicked on tens of thousands of suspicious links, according to Comparitech.
The tech comparison firm received answers from 260 government organizations to which it submitted freedom of information (FOI) requests.
From these, it then calculated that 764,331 government employees ‘received’ a total of nearly 2.7 billion malicious emails in 2021 – amounting to an average of 2399 each. It’s unclear how many of these actually made it into inboxes.
On average, 0.32% of malicious emails were opened by staff in 2021, and 0.67% of these incidents resulted in employees clicking through on potentially malicious links, the report claimed.
Comparitech calculated that this could mean as many as 57,736 suspicious links were clicked on last year by UK government employees. However, many of the 2.7 billion emails it extrapolated this figure from may have been blocked outright, which would significantly reduce that click-through number.
In fact, it admitted that higher figures for malicious emails ‘received’ don’t necessarily mean the departments in question are bigger targets for hackers, but rather it could be that their systems are better at filtering out suspect messages.
When assessed per employee, it appears that NHS Digital recorded the highest number of malicious emails for 2021 (89,353), followed by the government of Northern Ireland (34,561) and the Financial Reporting Council (25,992).
Elsewhere, the researchers’ attempts to better understand the ransomware threat to the government were limited by a lack of transparency from respondents.
“In 2021, one government department revealed it had detected 97 ransomware attacks in just 30 days (none of which were successful),” explained Comparitech’s Paul Bischoff.
“Seventy-one government departments were also happy to report that they hadn’t suffered a ransomware attack in 2021 (the remainder – 187 – didn’t disclose whether they had or not). Only two government organizations revealed that they had suffered a successful ransomware attack in 2021.”
Infosecurity has asked for more clarity on the report’s methodology.