The recent ransomware attack named ‘WannaCry’ affected many organisations in the public and private sectors across all continents. It targeted IT systems by encrypting data, then demanded ransom payments in Bitcoin which can’t be traced.
The attacks were thought to have infected over 230,000 systems in over 150 countries. The UK’s NHS was widely affected with reports of 70,000 devices disrupted. These devices included MRI scanners, medical storage fridges, and operating theatre equipment.
WannaCry has raised questions about Oracle and SAP security patching and their outdated strategies. The stringent patching controls that customers put in place go through extensive testing in various environments. Then, the live system is protected with an old-fashioned model that leaves customers open to attack.
A solution to better protection
Security patching is an outdated model. At Support Revolution, we offer our customers a virtual patching solution that protects their whole environment. This also includes older software that the vendors no longer support.
It is estimated that WannaCry has cost organisations across the globe hundreds of millions – if not billions – of dollars. Cyber security therefore remains at the very top of a CIO’s list of priorities. Support Revolution takes security just as seriously. We pride ourselves on giving a far better and also safer service than the big vendors.
Our support model is based on being proactive. With the vendors’ approach, security patches are received quarterly. On average, most customers don’t apply them until three to six months later. This is due to the time it takes to progress these patches through internal test environments, while also competing with Business As Usual (BAU) project work. This scenario can leave customers vulnerable to threats for long periods of time.
This method adopted by the likes of Oracle and SAP is also dangerous. It is dependent on the vendor identifying loopholes within its own code, that can be accessed maliciously.
Our solution is to monitor the endpoint of the servers and databases in question. We monitor the network traffic and signatures to identify malicious threats, then provide protection immediately. This patching solution is called virtual patching.
Virtual patching
At Support Revolution, we use the Trend Micro Deep Security solution, recognised by Gartner as the market leader. Read the Endpoint Protection report on Gartner’s website for more information on this subject.
Our virtual patching approach enables organisations to apply fixes in almost real time. Virtual patching also goes above and beyond the current fixes offered by the big vendors.
For example, customers who are on an Extended Support contract with Oracle only receive patches and fixes for existing issues. This means that customers don’t have access to patches identified for new threats. Our solution takes care of all issues, offering an improved and secure service.
The latest WannaCry threat was identified on Friday 12 May 2017. Trend Micro had a virtual patching solution within just a few days. None of Support Revolution’s customers were affected by this attack.
We’d welcome the opportunity to explain our ISO accredited security fix processes.