Delt Shared Services

  • Delt Shared ServicesDelt Shared Services
  • Who We Are
    • Who We Are
    • Delt Film
    • Business Plan
    • Our Visions & Values
    • Board of Directors
    • Our Customers
    • Supporting Our Communities
    • Procurement, Contracts & FOI
  • What We Do
    • What We Do
    • IT Services
    • IT Service Management
    • Business Applications
    • IT Infrastructure Solutions
    • Solution Design & Delivery
    • Payroll & Pensions
    • Cyber and Data Protection
    • Print & Mail
    • HR and Organisational Development
    • Digital and Business Change
  • Team
  • Careers
    • Careers
    • Current Vacancies
    • Benefits & Perks
  • Blog
  • Contact
  • Search
  • T: +44 (0)1752 308888

There Are Times I Just WannaCry About Patching

17/05/2017adminBlogComments Off on There Are Times I Just WannaCry About Patching

There Are Times I Just WannaCry About Patching

The ransomware excitement of last Friday afternoon demonstrated that the work that Delt has done on cyber security and incident response has significantly paid off. There is some significant credit to be shared that we remained not only ransomare free but that our preparation for such an event was such that I got to spend the evening writing press releases that explained we were all clean and why rather than trying to explain why we had been breached. At this moment in Delt’s life and with significant expansion on the cards a cyber security breach could have cost us much more than a few negative press stories.

Those of you who worked late into the night on Friday, over the weekend and into Monday to protect our customers, thank you.

We did well and our customers, both current and potential, have been vocal in their praise to our response. However we need to be self aware enough to know that we dodged a bullet.

  • We had a high level of patching but it wasn’t 100% on either clients or servers
  • When we looked, our different management tools reported very different things. Neither AD or CMDB were anything like up to date. It was not easy to establish AV and patch status
  • It took until Monday afternoon for us to fully identify unpatched devices and take steps sort it
  • On Monday evening, 72 hours after the attack we still had almost 200 machines that were not patched. Not all of these were active and would have patched on next boot but some were still vulnerable
  • We thought that a protocol used by the attack was blocked across some of the estate when it wasn’t

Applying a patch that fails is no good unless we know and quickly correct it. Applying a patch that needs a reboot and then not forcing a timely reboot is fairly useless. Deciding not to apply a patch to a server because it requires downtime and the client won’t agree to needs robust challenge.

There are a number of lessons learned from the weekend, some of which are already in progress, like forced reboot and some of which you’ll see over coming weeks, like improving AD quality.

the future it wouldn’t be the end of the world to explain that we had a system down or an outage because of a patch current policy but I don’t ever want to have to explain why we were breached by something that should already have been patched. I know patching is time consuming, expensive and disruptive but we must patch current and be able to prove it.

Giles Letheren – Chief Executive Officer

Tweet

RECENT POSTS

  • Thursday War
  • Lies Matter
  • Board Minutes 23 Sep 2019
  • Gary Pettitt – Chief Project Officer
  • Chris Sparrow – Head of Client Acquisition

Delt Shared Services Ltd. is the premier shared services provider in the South West of England.

Registered in England 09098450

© 2019 Delt Shared Services Ltd. All Rights Reserved.

Delt Shared Services Ltd.
2 Derriford Business Park, Derriford, Plymouth, PL6 5QZ

Telephone: +44(0)1752 308888
Email: info@deltservices.co.uk
Customer Portal: ServiceNow

Terms & Conditions

Privacy Policy

Cookie Policy

Modern Slavery

Delt Website Contact Facebook Icon Small  Delt Website Contact Twitter Icon Small  Delt Website Contact LinkedIn Icon Small

This website uses cookies to provide you with the best browsing experience.

Find out more or adjust your settings.

Delt Shared Services
Powered by GDPR plugin
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Cookie Policy

More information about our Cookie Policy