"We've been hacked." Our IT Manager tell us one morning as he stands on a chair to change the bulb in the alert light from green to red.
With the red bulb flashing and the alarm wailing, we all pluck up our ears and our then Senior Server Analyst frowns slightly and calmly asks. "Why? What's been hacked?"
"Oh, everything. Our entire network is compromised" our Manager panics, his glasses slipping down his nose. His thick grey hair seemed bigger than ever and he was clearly in a tizz.
"How do you know?" We ask with a lack of concern as we check the network to make sure all was well. Everything appeared to be in their proper places, the user accounts, the file shares and even the gaming server that we had built out of a desktop and stashed under the desk. Phew! Tomorrow's, out of hours Half-Life gaming session was still on.
"Because he rang up and told us." Our Manager continued.
"Who did?" We ask in chorus.
"The hacker!"
We all sit silently puzzled at the last comment, trying to grasp what we were being told.
"So someone hacked in, compromised us, and then rang up and told us?" I ask.
"Well... No. He tried to hack in, found he could and then told us we have a security problem." Our Manager said with slightly less panic in his voice when he saw just how unmoved we all were.
We change the bulb from Red to Amber and we go back to checking our email and doing all the other things we do to keep the network up and running.
Our Senior Server Analyst asks for more information. What did he access? How did he access it?
"You can ask him, he's coming in tomorrow to discuss it. You can sit down with him and he'll show you. We'll pay him for the day."
The next day...
The guy turns up looking very sheepish as we watch him enter the Server Room. Half an hour later, we hear some muffled shouting from the server room. We take a peek, only to see a scruffy teenager with unruly hair and baggy trousers being ejected from the room and the door slamming shut behind him.
As the dust settled, we waited for the youth to straighten his jacket, pull up his trousers and bob away out of the building, before we rush into the Server Room to find out what happened.
"What a *&^%ing #£$%!" Was the first thing Our Senior Server Analyst said before we had even sat down. This guy was always abrupt and to the point right up to the day he left.
This is what he told us had happened:
Everything had started off fine, the 'Hacker' had come in and explained what he had managed to achieve. Then the fun began. Our Senior Server Analyst watched in disbelief as the guy showed him his special skills and what he could do with them. Or NOT as it turned out.
To begin with the guy had performed the so called 'hacking' from within the company network, not from outside. It then became apparent that he had found out the local administrator password and logged on to the computer as that. Once logged on, all he could do was administer the local PC. The worst thing he had done was change the desktop wallpaper to a picture of a Ferrari. He had NOT hacked anything. His statements that he had been able to access everything on the network was a complete and total lie.
Our Senior Server Analyst had then given the guy a few choice words and almost booted him out of the server room.
We changed the local administrator password via group policy the same hour, and surprisingly enough, we had no more network security issues involving this individual. All that was left was to change the bulb back to green.
No comments:
Post a Comment