Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

The Night Before Christmas in the Shoes of an IT Security Professional

IT Security Night Before Christmas

 

Twas the night before Christmas, when all through the house

IT Security Night Before Christmas

 

Twas the night before Christmas, when all through the house

Not a creature was stirring, not even a mouse.

The data was all safe, protected with care,

In hopes that year-end bonuses soon would be there.

  

The servers were nestled all safe in their racks

Protected from malware and vile forms of hacks.

Advertisement. Scroll to continue reading.

The data all encrypted, with a nice complex key,

The software came, of course, with a great big huge fee.

 

Christmas OrnamentPolicy was written, compliance was done,

That had all been the exact opposite of fun.

Systems were patched, and locked one and all,

The team had done well, and they had stood tall.

 

Their audit was done, validation complete.

Their systems all ready, documentation all neat.

They had made it through ‘nother holiday season,

And were ready to cruise, it all stood to reason.

 

When from intrusion detection arose such a clatter,

The Admin sprang from his browser, watching Lohan get fatter.

Away to the consoles, he flew in a dash,

Checking faults and tripwire, computing their hash.

 

The light from the flat screens just made the place glow

The Admin then cursed, it could not be so.

Systems were crashing, the network was down,

It seemed almost like he was ready to drown.

 

College was easy, he got As and Bs,

These attacks were relentless,from overseas.

They seemed to be everywhere, attacks all at once,

They made him feel just like a big dunce.

 

His training took over, he set a grim face,

He quietly looked forward, to his happy place.

Cutting off systems, segmenting them away,

He was rolling right now, no time to play.

 

The pager just beeped and phones they did ring,

Event responders the noise then did bring.

Another server was hit, and suddenly dropped

The Denial of Service attack was not stopped. 

 

The admin felt helpless, and just needed a lift,

Like something from Claus, please one early gift.

When, what his wondering eyes they did spy,

An extra program running, and then he knew why.

 

That’s when he knew, he just knew, oh of course

This had all started with just one Trojan Horse.

Prolly came to a user through his e-mail,

Policy and training, to no avail.

 

He marched through the servers, saw them as bots

Chuckling now, thinking “that’s all you gots?”

Malware from servers, each one did he cull,

Sending them one at a time right to dev/null.

 

Now he was rolling, and almost chuckling with glee,

He looked up with dismay, what did he see?

The retail server was hit, and crashing, amok,

He SSHed in, but could only say “rats”.

 

He saw very quickly that they now had root,

And hoped that he would not get the boot.

As he sat back in his chair, and reached for a Dew,

He knew the primary site was all through.

 

He knew then and there it would be a long night,

So he switched everything to the failover site.

Laying his cursor on that one little app,

He clicked only once and prod1 took a nap.

 

He sprang for his phone, to his team gave a twitter,

Failover was done, and he had not been a quitter.

The net was a mess, the farm had been bought,

But in the end, it had not been for naught.

 

The systems had done for what they’d been built,

They’d been prodded and poked, and finally said “tilt”.

He was glad it had not been a resume generating event.

His last thought for the night was for the attackers to get bent

 

His relief came too little, and seemed way too late,

He had pulled eves alone, and faced his sole fate.

He briefed the next crew, with all he did know

And went outside, to fresh fallen snow.

 

He sprang to his Honda, and cranked up the tunes,

Wishing for beach, and wind tossed sand dunes

He said as he drove down the road to the night,

Merry Christmas to all, and to all a good-night. 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem