Service Updates

Vodafone In-direct Access (IDA) End Of Life – 06/04/2018

Following written notifications sent to customers on the 26th February 2018, the Vodafone In-Direct Access (IDA) service used to route outgoing calls becomes End Of Life on the 6th April 2018 (previously 31st March 2018). IDA is a service which allows outgoing calls to be prefixed with a 3 or 4 digit code to allow calls to route via an alternative provider to the one providing the lines to a site. This service is also known as Least Cost Routing (LCR) and may have been used to provide DDI billing or for home workers. It is likely, that currently, your telephone system or equipment is programmed to automatically prefix outgoing calls with the IDA Code (e.g 132 or 162) so you can use this service.

If you have a telephone system or other telephony equipment the IDA programming needs to be removed to allow calls to continue automatically. PLEASE NOTE: when the IDA programming is removed the calls will be routed via and billed by your line provider (e.g. BT Retail).

 

Email Issues – 28/03/2018

14.00

We are pleased to confirm that email services have been restored and monitoring is showing the services are stable.

To be certain affected emails were delivered to their intended recipient, we advise those that were impacted to resend the emails.

Apologies for the disruption this has caused.

11.17

Some customers may be experiencing difficulty with emailing us. We are aware of the issue and our engineers are now working on a resolution.  We apologise for any inconvenience caused and will provide further updates here if and when appropriate.

 

Planned Maintenance Notification – 16/03/2018

17:00

Following service disruption to a number of customers resulting from a major third party power cut in London earlier this week, our engineers are carrying out important maintenance work this evening to reinstate our server’s original power source.

Although unlikely, some customers affected by that power cut may experience an additional short interruption to their service between 7-9pm tonight (Friday) whilst this work takes effect.

It is important to note that, as reinstatement of the original power source is being carried out by a third party, the precise timing of this evening’s possible disruption is not within our full control.

We apologise in advance for any inconvenience that may be caused.

Major Service Outage – 13/03/2018

15:00

We are pleased to confirm both Data and Voice services have been restored and monitoring is showing the services are stable.

Apologies for the disruption this has caused.

13:25

Further to a power cut which has been affecting a third party provider upon which services to our customers depend, data services have now been restored.

However, restoration has resulted in a cessation of voice services for some customers, including some that were unaffected by the original power cut.

Our engineers are now working urgently to resolve this issue.

We apologise for the disruption and will provide further updates here where appropriate.

11:35

Urgent work continues to restore service to our customers. UK Power engineers are now at the scene working to restore power to the third party carrier on which our services depend. This includes looking at onsite and third-party generators to use.

The issue is compounded by the failover power source normally capable of instantly restoring service being situated in the same London area that is being affected by the power cut.

We apologise for the continued disruption which is unfortunately beyond our control.

We are of course working with all those involved to restore services to our customers as soon as possible.

Further updates will be provided here when appropriate.

10:55

Engineers continue to work on resolving a third party’s power cut affecting some of our customers.

We continue to apologise for the disruption and will provide further updates where appropriate.

09:55

Engineers are on site and are carrying out actions to restore power.

It is hoped that normal service will be resumed within the next hour.

We apologise for the continued disruption.

Further updates will be provided here if appropriate.

09:00

We are aware of a third party outage which is impacting a range of customers using Hosted Voice, Ethernet and some colo services due to a power outage in the London area which is impacting the data centre which these services are hosted within.

A note to advise this power outage is impacting a wide area in London.

At this stage, we do not have an ETA on the power being restored but we are escalating this matter.

We apologise for the inconvenience caused. Further updates will be provided here when appropriate.

 

Planned Maintenance Notification – 08/03/2018

Affected Services Network Connection
Affected Technology Internet AccessData Centre Telehouse North
Type At Risk
Planned Start 08 March 2018 09:00
Planned End 09 March 2017 09:00
Reason for Change Service Improvement Project
Reference Number CHG0074060

Summary

Daisy are carrying out essential work to increase capacity on our network infrastructure. During the maintenance window an additional pipe will be made live and traffic will be allowed to use the link.Daisy’s full change process has been completed including implementation, test and back-out plans which have been reviewed by senior technical reviewers and management. The following impacts and risks have been identified.

Impact

No impact is expected to services, as existing connections will remain live throughout the maintenance window.

Risk

During the maintenance window, there is a small risk that if there are any issues with the new link that are not picked up during testing then customers may experience degraded service.

Additional Information

This maintenance is being carried out under change number CHG0074060. Please contact the Service Desk quoting this change number if you have any queries.

Planned Maintenance Notification – 13/03/2018

Affected Services Network Connection
Affected Technology Internet AccessData Centre Telehouse North
Type At Risk
Planned Start 13 March 2018 22:00
Planned End 14 March 2017 06:00
Reason for Change Service Improvement Project
Reference Number CHG0074063

Summary

Daisy are carrying out essential work to increase capacity on a link on our core network infrastructure. During the maintenance window the work is to bring up the new connection in Telehouse and if all testing is successful, shutdown the old connection in Telia. Daisy’s full change process has been completed including implementation, test and back-out plans which have been reviewed by senior technical reviewers and management. The following impacts and risks have been identified.

Impact

No impact is expected to services as we will still have sufficient capacity via two other transit connections which will be live throughout the maintenance window.

Risk

During the whole maintenance window, there is a risk that customers may experience degraded service, if there are any issues with the new link that are not picked up during testing.

Additional Information

This maintenance is being carried out under change number CHG0074063. Please contact the Service Desk quoting this change number if you have any queries.

 

Name of Threat

‘Spectre’ and ‘Meltdown’

CVE References

CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754

Technical Summary

To improve performance many processor models attempt to predict the data that the system may require and move it to temporary cache memory on the processor. The data in this cache is not fully protected and can potentially be exploited.

Speculative execution allows a processor to predict which instructions will be executed next and fetch these from memory. The instructions are stored on the processor cache ready for use. If the processor incorrectly fetches instructions they should discard them but often do not completely remove them from the cache. Manipulating this feature, it is possible to create a code to deliberately trick the processor to call sensitive information from memory into the cache and potentially access the data.

Risk Analysis

Daisy has categorised the current risk level as MEDIUM based upon the impact and likelihood of impact as depicted in the matrix below. The risk level was calculated by a combination of impact and likelihood of impact. In this case high impact coupled with low likelihood of impact produces a medium risk as per the following matrix:

Direct and persistent access to affected servers required. Daisy perimeter security restricts access to authorised users.Factors contributing to the decision to classify the likelihood of impact as LOW include the following:

  • No known successful unauthorised exploits of these threats.

Factors contributing to the decision to classify the impact as HIGH include the following:

  • Exploit can be used to obtain critical information.

Mitigation Approach

Daisy will be taking the approach of patching hypervisors initially followed by virtual/physical machine operating systems. As hardware vendors release new firmware versions related to these vulnerabilities, Daisy will review and schedule upgrades accordingly.

For Daisy shared platforms the programme of maintenance to apply these patches at the Hypervisor level will commence this week. This work will take place under change control and will not be service affecting for customers. Customers with dedicated platforms managed by Daisy will be contacted to discuss the required remediation work.

In order to commence with patching the virtual/physical machine operating systems it is necessary to confirm compatibility with the anti-virus software installed on each machine. Anti-virus vendors are currently updating their products in order to ensure compatibility with the Microsoft patches and secondly to update specific registry settings which are required to allow the Microsoft patches to install. Daisy is monitoring this situation and will be confirming anti-virus product compatibility before commencing with virtual/physical machine operating system patching.

There have been reports of potential performance degradation following deployment of these patches, however advice from our vendors suggests that any performance degradation should not be significant and this correlates with testing undertaken by Daisy.

 

Service Disruption

Recent severe weather conditions in parts of the UK have resulted in a spike in faults affecting lines and calls and broadband services. We have been informed by our infrastructure provider Openreach that faults in the following affected areas are subject to extended resolution times.

 

North East Scotland

Exeter

Colchester & Ipswich

Swansea & West Wales

Hampshire

 

We apologise for any inconvenience caused through this period.

WannaCry Cyberattack Update

A huge amount of work is ongoing by our IT and security teams in the wake of the global ‘WannaCry’ ransomware attack which targeted the NHS.

Whilst there is no evidence that any Daisy customers were affected by the attack, we are taking several steps to provide the best possible protection.

A huge server patching operation is now underway, which will update and improve security for all of our customers and end users.

Specific and detailed messaging is being issued to those customers who require it, and our security and IT teams are working closely with our customer service teams to ensure an effective, joined-up approach.

Our Security Practice Director Nick Burrows has written an insightful and informative blog, which can be found here.

The relevant Microsoft Security Bulletin is here:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Update on alleged China-based hacking investigation

Further to the recent notification regarding the APT10 hacking group, vendors for the technical security controls protecting the Daisy environment from cyber threats have each confirmed they are aware of the developing situation and their respective platforms and/or threat intelligence feeds have been, and will continue to be, updated to detect and block APT10 indicators.

Furthermore, analysis of our mail and firewall log data has revealed no past breaches relating to APT10 indicators.

We can also reconfirm we are NOT among the service providers the UK National Cyber Security Centre (NCSC) has contacted as having been breached.

ALLEGED CHINA-BASED HACKING INVESTIGATION

A government investigation has this week revealed that China-based criminal hackers have been targeting UK businesses for the past year – in some cases breaching security and accessing data.

The UK National Cyber Security Centre (NCSC) is now working closely with businesses it believes have been targeted.

The investigation’s findings – which have been reported in the media – reveal that the group responsible is called APT10, and that it has used custom malware and spear phishing techniques to target managed outsourced IT service companies as a ‘stepping stone’ into customers’ systems.

It is important to understand that we have robust security measures in place to defend against cyber attack, and that, to date, the NCSC has NOT confirmed that we have suffered a breach.

Our security technical controls each have a respective dynamic threat intelligence subscription, so we’re requesting vendors confirm their feeds have been updated to identify and block APT10 indicators and to make any configuration recommendations. This includes from Cisco, Arbor, Microsoft, McAfee, Palo Alto, Trend & Mimecast.

Further to this, we are today reviewing our internal monitoring processes to determine if any additional mitigation is possible.

Our security audit partner, NCC Group, who have been working with the NCSC on this for a few weeks now alongside PwC and BAE, are qualifying these activities to provide additional assurance that we are covering all bases.

We trust this instils confidence that we are taking the appropriate steps to ensure the protection of our network and our customer environments, however please do not hesitate to get in touch for further information.