Cyber attacks against the Scottish Government information: FOI release

Information requested

An updated breakdown of the number of cyber attacks against the Scottish Government and its agencies in each of the past five years, as well as the names of which organisations were affected by these incidents.

Response

The Scottish Government is not a formal reporting agency for cyber incidents/attacks, which means that agencies are not obliged to report any cyber incidents or attacks they experience to us. However, we encourage any Scottish public body that does experience a cyber incident to notify the Scottish Government under the voluntary Scottish Public Sector Cyber Incident Notification Procedure so that we help to ensure that all relevant and necessary support can be provided. The year-by-year notification under this procedure of public bodies affected by a cyber-attack is as follows:-

Year: 2020 2021 2022 2023 2024 Number of cyber-attacks 11 10 8 10 20 (as of 3rd February 2025)

While our aim is to provide information to the public whenever possible, in this instance we are unable to provide some of the information you have requested because of exemptions under sections 30(c) of FOISA. The reason why this exemption applies is explained below.

Breakdown of which organisations suffered incidents/attacks over the five years - exempt under sections 30(c) (prejudice to effective conduct of public affairs).

Organisations report voluntarily to Scottish Government, and this allows us to effectively support them in their response to incidents and so that the whole sector can learn lessons. Disclosing information of this nature would undermine public bodies’ trust in Scottish Government, reduce the likelihood of them reporting to us and substantially prejudice our ability to effectively support the sector during cyber incidents.

Furthermore, revealing which organisations have experienced cyber attacks could help threat actors to map out security capabilities, enabling them to bypass any security controls. This knowledge could empower them to mount more effective and targeted attacks, significantly undermining the effective conduct and delivery of public affairs and services.

This exemption is subject to the ‘public interest test’. We recognise that there may be some interest by the public for this information; however after taking account of all the circumstances of this case, we have found that, on balance, applying this exemption is withheld in order to protect the confidentialitybased relationships across the sector; avoid publicising details of the incidents and avoid increasing the risk of further and more damaging cyber attacks on the sector.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at https://www.gov.scot/foi-responses.

Contact Please quote the FOI reference Central Correspondence Unit Email: contactus@gov.scot Phone: 0300 244 4000 The Scottish Government St Andrew's House Regent Road Edinburgh EH1 3DG

Detected exemption language

The year-by-year notification under this procedure of public bodies affected by a cyber-attack is as follows:- Year: 2020 2021 2022 2023 2024 Number of cyber-attacks 11 10 8 10 20 (as of 3rd February 2025) While our aim is to provide information to the public whenever possible, in this instance we are unable to provide some of the information you have requested because of exemptions under sections 30(c) of FOISA. The reason why this exemption applies is explained below. This exemption is subject to the ‘public interest test’. We recognise that there may be some interest by the public for this information; however after taking account of all the circumstances of this case, we have found that, on balance, applying this exemption is withheld in order to protect the confidentialitybased relationships across the sector; avoid publicising details of the incidents and avoid increasing the risk of further and more damaging cyber attacks on the sector.

Attachments

No attachments found.

Similar releases

• Correspondence discussing the response to FOI request 202600503390: FOI release 2026-05-15 · partially withheld · 2 files
• Perth and Kinross broadband queries: FOI release 2026-05-14 · not held · 0 files
• Direct communication between the First Minister and Permanent Secretary and their associated offices: FOI Review 2026-05-14 · cost limit · 2 files
• Crown Office and Procurator Fiscal Service funding query: FOI release 2026-05-14 · unclear · 0 files
• Scottish Government documentation regarding the procurement of Oracle: FOI release 2026-05-14 · not held · 0 files
• Ministerial submissions, briefings and advice relating to body-worn video cameras for Police Scotland: FOI release 2026-05-14 · partially withheld · 0 files
• Brand Scotland marketing spend information: FOI release 2026-05-13 · unclear · 0 files
• Number of Freedom of Information requests which have proceeded to a review: FOI release 2026-05-13 · unclear · 0 files