- 24 Sep 2018
Date received: 12 September 2018
Date responded: 21 September 2018
Whilst we are able to provide you with information on cyber-attacks on the Scottish Government in 2018 as per your request, information on the what steps are taken to halt attacks in the future is subject to an exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs).
Disclosing this information would substantially prejudice our ability to protect government assets and digital information.
Providing specific details about the products and equipment we use in Cyber Security and Defence and the Cyber Security Operations Centre could subsequently be used by attackers or hackers to circumvent these defences. This could potentially enable them to target other types of attack or specific components of our defences and would constitute substantial prejudice to the effective conduct of public affairs in terms of the exemption.
This exemption is subject to the ‘public interest test’. Therefore, taking account of all the circumstances of this case, we have considered if the public interest in disclosing the information outweighs the public interest in applying the exemption. We have found that, on balance, the public interest lies in favour of upholding the exemption.
NB ‘core Scottish Government’ refers to all Scottish Government Directorates and does not cover Executive Agencies, Executive Non-Departmental Public Bodies, Non-Ministerial Departments or other associated bodies.
The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses
Please quote the FOI reference
Central Enquiry Unit
Phone: 0300 244 4000
The Scottish Government
St Andrew's House