"The Espionage Denial Nightmare" by Phill Shade

  • Client WTF. For your entertainment and enlightenment.

    Source (last story in the link): http://www.globalknowledge.com/training/generic.asp?pageid=3848&country=United+States&utm_medium=email&utm_source=email


    About three years ago while in a galaxy, unfortunately, all too nearby, I was working as a consultant for a small design company when I came across the nightmare of all nightmares: industrial espionage.

    The company designed distinctive cases for major vendors to house their products. I was contacted by another consultant who needed help analyzing a possible data breach. The issue was that their designs were showing up on the illegal markets, sometimes before they were even in production.

    Using Wireshark, GeoIP and graphical traceroute utilities, we discovered an internal connection originating in the company's design servers and reaching to St. Petersburg, Russia. Our next step was to set a trap. We created several fake designs and uploaded them to the server in question. We then attached Wireshark to a hub and connected the server back to the network switch. A capture filter was set inside Wireshark and set to the IP address of the server. We watched the very designs we had loaded into the server copied and transferred back to Russia. We had our villain!

    We saved all of our evidence, created a quick report and prepared our presentation. What ensued still blows my mind to this day. Rather than accepting our findings and thanking us, the client instead stated:

    "That can't be true, you're reading it wrong!"

    When I gathered my thoughts and asked why, the next shock ensued:

    "Our network can't possibly be compromised since we only use Mac computers and they are safe from hacking!" the client uttered with blind belief in modern advertising.

    When we dared to ask what sort of security software or hardware they used to protect the network and infrastructure, we received nearly the same answer. So hoping for the best, we presented our presentation to the department head, then the chief technology officer and finally the CEO. Each piece of evidence was met with the same statement that there had to be a mistake and there was no need to follow any of the recommendations as this would make operating the network too difficult.

    Completely at a loss for words, all we could do was present the invoice for services rendered. The company was out of business in another year or so. I learned that sometimes all you can do is the job and the rest is up to the client.

  • @redwizard said:

    you're reading it wrong!

    We need a undefined except for things that Jeff would say.

  • @Maciejasjmj said:

    @redwizard said:
    you're reading it wrong!

    We need a undefined except for things that Jeff would say.

    I'm sorry, what's the issue?

  • Impossible Mission Players - A

    @redwizard said:

    can't possibly be compromised

    because insert oddly-shaped purple cylinder here is protecting us!

  • @redwizard said:

    >"That can't be true, you're ~~reading~~ holding it wrong!"

    Clearly the real cause of the data breach.

  • Impossible Mission Players - A

    @Dragnslcr said:

    data breach

  • @Tsaukpaetra said:

    because insert oddly-shaped purple cylinder here is protecting us!

  • "You're right, sir, I am reading it wrong. The files are actually being copied to {ping FuckingIdiotCEOComputer.local} this IP address. Why are you stealing from the company?"

    Once he's turfed (just kidding, he's a CEO-- once he's collected his multi-million dollar golden parachute and landed safely in another company), you turn back to the security.

    Upload some more fake diagrams. For machines with very subtle and hard to spot design flaws that will fail spectacularly, and with much explosions and fires and OW IT HURTS.

    Keep an eye on the BBC news for "The small Russian town of Whogivesafuck-engard exploded today..."

    Mission accomplished.

  • @Lorne_Kates said:

    The small Russian town of Whogivesafuck-engard issued an urgent recall notice on their latest product after 50 of their customers exploded earlier today


  • Discourse touched me in a no-no place

    @Lorne_Kates said:

    The small Russian town of Whogivesafuck-engardogorsk

    FTFY. I've seen those funky Russian town names.
