The Night Before Christmas in the Shoes of an IT Security Professional

 

Twas the night before Christmas, when all through the house

Not a creature was stirring, not even a mouse.

The data was all safe, protected with care,

In hopes that year-end bonuses soon would be there.

  

The servers were nestled all safe in their racks

Protected from malware and vile forms of hacks.

The data all encrypted, with a nice complex key,

The software came, of course, with a great big huge fee.

 

Policy was written, compliance was done,

That had all been the exact opposite of fun.

Systems were patched, and locked one and all,

The team had done well, and they had stood tall.

 

Their audit was done, validation complete.

Their systems all ready, documentation all neat.

They had made it through ‘nother holiday season,

And were ready to cruise, it all stood to reason.

 

When from intrusion detection arose such a clatter,

The Admin sprang from his browser, watching Lohan get fatter.

Away to the consoles, he flew in a dash,

Checking faults and tripwire, computing their hash.

 

The light from the flat screens just made the place glow

The Admin then cursed, it could not be so.

Systems were crashing, the network was down,

It seemed almost like he was ready to drown.

 

College was easy, he got As and Bs,

These attacks were relentless, from overseas.

They seemed to be everywhere, attacks all at once,

They made him feel just like a big dunce.

 

His training took over, he set a grim face,

He quietly looked forward, to his happy place.

Cutting off systems, segmenting them away,

He was rolling right now, no time to play.

 

The pager just beeped and phones they did ring,

Event responders the noise then did bring.

Another server was hit, and suddenly dropped

The Denial of Service attack was not stopped. 

 

The admin felt helpless, and just needed a lift,

Like something from Claus, please one early gift.

When, what his wondering eyes they did spy,

An extra program running, and then he knew why.

 

That’s when he knew, he just knew, oh of course

This had all started with just one Trojan Horse.

Prolly came to a user through his e-mail,

Policy and training, to no avail.

 

He marched through the servers, saw them as bots

Chuckling now, thinking “that’s all you gots?”

Malware from servers, each one did he cull,

Sending them one at a time right to dev/null.

 

Now he was rolling, and almost chuckling with glee,

He looked up with dismay, what did he see?

The retail server was hit, and crashing, amok,

He SSHed in, but could only say “rats”.

 

He saw very quickly that they now had root,

And hoped that he would not get the boot.

As he sat back in his chair, and reached for a Dew,

He knew the primary site was all through.

 

He knew then and there it would be a long night,

So he switched everything to the failover site.

Laying his cursor on that one little app,

He clicked only once and prod1 took a nap.

 

He sprang for his phone, to his team gave a twitter,

Failover was done, and he had not been a quitter.

The net was a mess, the farm had been bought,

But in the end, it had not been for naught.

 

The systems had done for what they’d been built,

They’d been prodded and poked, and finally said “tilt”.

He was glad it had not been a resume generating event.

His last thought for the night was for the attackers to get bent

 

His relief came too little, and seemed way too late,

He had pulled eves alone, and faced his sole fate.

He briefed the next crew, with all he did know

And went outside, to fresh fallen snow.

 

He sprang to his Honda, and cranked up the tunes,

Wishing for beach, and wind tossed sand dunes

He said as he drove down the road to the night,

Merry Christmas to all, and to all a good-night. 

Jon-Louis Heimerl is Director of Strategic Security for Omaha-based Solutionary, Inc., a provider of managed security solutions, compliance and security measurement, and security consulting services. Mr. Heimerl has over 25 years of experience in security and security programs, and his background includes everything from writing device drivers in assembler to running a world-wide network operation center for the US Government. Mr. Heimerl has also performed commercial consulting for a variety of industries, including many Fortune 500 clients. Mr. Heimerl's consulting experience includes security assessments, security awareness training, policy development, physical intrusion tests and social engineering exercises.