Information Systems: Ministry of Defence

House of Lords written question – answered on 13th March 2007.

Alert me about debates like this

Photo of Lord Harris of Haringey Lord Harris of Haringey Labour

asked Her Majesty's Government:

In respect of the Ministry of Defence, (a) on how many occasions in the last year malicious programs have compromised departmental computer systems; and, for each occasion, how many machines were affected; how long it took to remove the programs from the system; and what was the impact on the department's activities; (b) what penetration tests of information systems have been carried out over the last year and what were the results, indicating in each instance whether the tests were carried out independently of the providers of the system concerned; and (c) on how many occasions in the last year the departmental management team has considered information risk.

Photo of Lord Drayson Lord Drayson Minister of State, Ministry of Defence, Minister of State (Ministry of Defence) (Defence Equipment and Support)

The Ministry of Defence has deployed a comprehensive suite of safeguards to protect its departmental computer systems. However, in the past year (to February 2007) there have been 35 incidents reported in which malicious programs have compromised these safeguards. The department categorises—there are five levels, from very low to very high—all incident impacts. The following table provides the requested details.

No. of Incidents Machines Involved Impact Level Recovery Time Remarks
1 1 Very Low Pending Incident open
2 1 Very Low Pending Incident open
3 1 Low Nil Anti-Virus (AV) recovered
4 1 Low Nil AV recovered
5 1 Low Nil AV recovered
6 1 Low Nil AV recovered
7 1 Low Nil AV recovered
8 1 Low Nil AV recovered
9 1 Low Nil AV recovered
10 1 Low Nil AV recovered
11 1 Low Nil AV recovered
12 1 Low Nil AV recovered
13 1 Low Nil AV recovered
14 1 Low Nil AV recovered
15 1 Low Nil AV recovered
16 1 Low Nil AV recovered
17 1 Low Nil AV recovered
18 1 Low Nil AV recovered
19 1 Low Nil AV recovered
20 1 Low Nil AV recovered
21 1 Low Nil AV recovered
22 1 Low Nil AV recovered
23 1 Low Nil AV recovered
24 1 Low Nil AV recovered
25 1 Low Nil AV recovered
26 1 Low Nil AV recovered
27 1 Low Nil AV recovered
28 1 Low Nil AV recovered
29 1 Low Nil AV recovered
30 1 Low Nil AV recovered
31 1 Low Pending Virus quarantined
32 1 Low 1 Day 1 x box rebuilt
33 1 Med Pending Incident open
34 1 Med Pending Incident open
35 10 Med 2 Days 1 x Box rebuilt 9 x AV Updated

A total of 104 independent penetration tests were completed in the past year, in addition to those commissioned internally by system-operating authorities for which centralised records are not maintained. Invariably such testing identifies a range of issues that require subsequent rectification and/or risk acceptance. Specific details are classified; however, as a measure of the results, all systems tested last year retained their security-accredited status.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.