Tags


Latest Posts


Latest Comments


Authors

No Wanna, no Cry

mark-hall.jpg

Posted by |

I’ve just submitted a final report to our Board on last month’s WannaCry ransomware attack that managed to relegate election news to the inside pages for a couple of days. The WannaCry cryptoworm reportedly infected more than 230,000 computers across over 150 countries within a single day using an exploit of Windows' Server Message Block (SMB) protocol. Within the UK the NHS was amongst the hardest effected with least 16 health service organisations hit, leaving staff to use pen and paper and some hospitals and doctors' surgeries were forced to turn away patients and cancel appointments due to lack of access to systems.

Although there's satisfaction, but no surprise, in stating for the record that no system under our control – both our own and those of our clients – experienced any negative impact or outage as a result of the WannaCry attack. When that cryptoworm startled wiggling its destructive way, we were well protected and well prepared. In recent times, we’ve significantly uprated our threat intelligence and assessment capabilities, and we’ve nurtured a close relationship with the national cyber authorities too; so when the time came, we were very well informed, and abreast of how the situation was developing and how best to implement suitable counter-measures.

The upshot was that we were not therefore forced onto the back foot; and we had more time, awareness and resource to get across the full impact of the attack and to mobilise ourselves to help mitigate some of the pain and issues our customers were experiencing. Consequently we got firmly onto the front foot, helping customers cope with the aftermath, pre-empting possible issues through network monitoring and alerting, assisting with proactive patch management, and reaching out with the latest information and advice. Here was a situation where it didn’t matter what someone’s terms and conditions said, all that mattered was that you were a Redcentric customer. Over 900 servers were patched as a result; dozens of notifications were made as we picked up indicators of anomalous network activity; and we were able to work diligently and collegiately with clients to prevent any damage and diffuse panic. An unlooked for but welcome consequence nonetheless of this response was that a number of customers have now reached out to take additional security services from us, such as upgrading their firewalls to include Unified Threat Management. Virtue may be its own reward but new business is equally welcome!

This was our version of Business as Usual, driven by our strong service ethos. It's an approach that we believe you should expect from your managed service provider; it may be tempting to couch it in terms of 'going the extra mile' but really it should be seen as standard client care and customer centricity. This was a difficult, awkward episode for many; but we were there to ensure the minimum number of tears around WannaCry.

Comments

 

Post a comment

Comment submitted! Comments needs approval before being displayed.