Two major cyber-attacks recently brought chaos to services across the globe. But thanks to Eduserv’s team of security specialists, our clients were fully protected at all times.

In May, the Wannacry cyber-attack spread a strain of ransomware by exploiting a vulnerability in older versions of the Windows operating system. When triggered, the malware locked the user’s computer and demanded a ransom.

Microsoft had been informed of a ‘zero-day vulnerability’ two months earlier and issued a patch as a result. A zero-day vulnerability is a security flaw that’s currently unknown, so as such it creates serious issues when exploited. Incidentally, the National Security Agency (NSA) had known about the flaw for some time but chose not to mention it.

At Eduserv, we take cyber-security extremely seriously. A team of specialists continually monitor our managed services and frequently complete vulnerability assessments to identify issues.

As soon as we became aware of Microsoft’s patch (MS17_10), it was handled urgently and applied throughout. As a result, all Eduserv clients were unaffected by the attack. In fact, due to a combination of various measures, such as firewalls and robust intrusion prevention systems, the network was fully protected from any malicious traffic.

The NHS wasn’t so well prepared and at least 16 health organisations were hit. Staff were reduced to communicating using pen and paper and operations were cancelled in several parts of the UK. It’s not entirely clear how this happened, but it’s most likely due to outdated operating systems and a slow reaction time to patching.

In late June, a second cyber-attack took advantage of the same security flaw to inflict further damage globally. The methods were even more sophisticated and even harder to detect. However, Eduserv’s security team were again one step ahead and every client remained unaffected.

Cyber-security is a complex area as criminals are continually looking to create increasingly elaborate malware and hacks. Ben Gummer, minister for Cabinet, recently stated that “Our adversaries are varied: organised criminal groups, ‘hactivists’, untrained teenagers and foreign states.”

It’s for that reason that Eduserv bakes in cyber-security from the outset, rather than treat it as an afterthought. Our specialists are involved right at the start of every project and work diligently throughout.

We’re proud of their aptitude and pragmatism at a time when the public sector is under such close scrutiny. It’s why our clients have successfully avoided every cyber-attack so far.

About the author

Sadi has a passion for ethical hacking. An ethical hacker attempts to bypass system security and search for security weaknesses in an application or operating system that could be exploited by malicious black hat hackers. These findings can be used by the organisation to improve system security in an effort to minimise or ideally eliminate any potential attacks.

Sadi’s focus is on finding vulnerabilities in web applications and network infrastructure, often while they’re still in development, and before a hacker can exploit them. This involves day-to-day security tests and weekly network and web application vulnerability assessments.

To get our advisers working seamlessly alongside your own team, email us or call 0844 5000 115