Re: Bollocks
I know one of the companies hit was hit because they didn't patch. My understanding about the harvesting of cached credentials was that it depended on a (singular) Windows host being compromised by an alternative method to harvest those creds in the first place.
As for patching, they got rid of the people managing patching around 6 months prior as it was all being outsourced. Chances of patching being done between getting rid of those people and NotPetya based on the impact to their global operations? Zero... When they went to deploy new machines, they were wiped out almost instantly because (wait for it....) they weren't patched either... They needed to get a reseller to provide new standard builds as their outsourcer was unable to assist....