Skip to main content

Information Systems: Ministry of Defence

Volume 690: debated on Tuesday 13 March 2007

asked Her Majesty's Government:

In respect of the Ministry of Defence, (a) on how many occasions in the last year malicious programs have compromised departmental computer systems; and, for each occasion, how many machines were affected; how long it took to remove the programs from the system; and what was the impact on the department's activities; (b) what penetration tests of information systems have been carried out over the last year and what were the results, indicating in each instance whether the tests were carried out independently of the providers of the system concerned; and (c) on how many occasions in the last year the departmental management team has considered information risk. [HL2473]

The Ministry of Defence has deployed a comprehensive suite of safeguards to protect its departmental computer systems. However, in the past year (to February 2007) there have been 35 incidents reported in which malicious programs have compromised these safeguards. The department categorises—there are five levels, from very low to very high—all incident impacts. The following table provides the requested details.

No. of Incidents

Machines Involved

Impact Level

Recovery Time

Remarks

1

1

Very Low

Pending

Incident open

2

1

Very Low

Pending

Incident open

3

1

Low

Nil

Anti-Virus (AV) recovered

4

1

Low

Nil

AV recovered

5

1

Low

Nil

AV recovered

6

1

Low

Nil

AV recovered

7

1

Low

Nil

AV recovered

8

1

Low

Nil

AV recovered

9

1

Low

Nil

AV recovered

10

1

Low

Nil

AV recovered

11

1

Low

Nil

AV recovered

12

1

Low

Nil

AV recovered

13

1

Low

Nil

AV recovered

14

1

Low

Nil

AV recovered

15

1

Low

Nil

AV recovered

16

1

Low

Nil

AV recovered

17

1

Low

Nil

AV recovered

18

1

Low

Nil

AV recovered

19

1

Low

Nil

AV recovered

20

1

Low

Nil

AV recovered

21

1

Low

Nil

AV recovered

22

1

Low

Nil

AV recovered

23

1

Low

Nil

AV recovered

24

1

Low

Nil

AV recovered

25

1

Low

Nil

AV recovered

26

1

Low

Nil

AV recovered

27

1

Low

Nil

AV recovered

28

1

Low

Nil

AV recovered

29

1

Low

Nil

AV recovered

30

1

Low

Nil

AV recovered

31

1

Low

Pending

Virus quarantined

32

1

Low

1 Day

1 x box rebuilt

33

1

Med

Pending

Incident open

34

1

Med

Pending

Incident open

35

10

Med

2 Days

1 x Box rebuilt

9 x AV Updated

A total of 104 independent penetration tests were completed in the past year, in addition to those commissioned internally by system-operating authorities for which centralised records are not maintained. Invariably such testing identifies a range of issues that require subsequent rectification and/or risk acceptance. Specific details are classified; however, as a measure of the results, all systems tested last year retained their security-accredited status.