Following last week’s global cyber-attack, which affected a number of NHS Trusts and a range of international organisations, we would like to reassure our customers that Disclosure Services infrastructure was not directly impacted by this incident. Disclosure Services is certified ISO27001:2013 and the service we provide employs a range of sophisticated security measures protecting the perimeter, communication links and multiple layers within the datacentres.
The WannaCry ransomware specifically targets vulnerabilities in Microsoft Windows devices. Microsoft released a patch to secure affected versions of Windows (MS17-010) in March 2017, and more information on this can be found here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx.
There are a number of reassurances we can provide:
- The Anti-virus system in operation extends to include behaviour monitoring. This provides protection not only against known threats but also new, slightly modified or mutated variants that may be released in days to come.
- Our environments are regularly patched.
- Our perimeter defences include intrusion prevention techniques; we limit the attack surface and block known threats
- Application interfaces and communication between clients and the datacentres is encrypted to AES-256.
- Internal systems within Disclosure Services enjoy the same high protection as our client networks.
Our Technical and Security teams remain on high alert and have been working around the clock to ensure that your services continue to be fully protected.
We wish to re-iterate that all services remain available and are unaffected by the cyber-attack.
We would like to take the opportunity to remind our customers to continue to be extra vigilant when receiving suspicious emails and links, as this global cyber-attack has been spread through massive email phishing methods. Please pause and ‘Think’ before opening any suspicious attachments or clicking on links in emails you receive.
Please do not hesitate to contact our Service Desk for further information.
Director – Chief Information Officer