Networking

07:00 AM
Mav Turner, Director of Product Marketing and Business Strategy, Security, SolarWinds
Mav Turner, Director of Product Marketing and Business Strategy, Security, SolarWinds
Slideshows
Connect Directly
Facebook
LinkedIn
Twitter
RSS
E-Mail
50%
50%

IT Security Horror Stories

In honor of Halloween and Cybersecurity Awareness Month, these tales from the IT crypt are sure to haunt your nightmares.
Previous
1 of 6
Next

Is it any coincidence that October, perhaps the spookiest month of the year, is also Cybersecurity Awareness Month? After all, cyberattacks and other security incidents can often turn into real-life nightmares. And so, in honor of this special month and the holiday it hosts, we asked our thwack community of IT professionals to share their creepiest IT security stories. This feature represents just a few of their eerie tales.

Don't be a victim like the lost souls in our stories. To protect your data center from the evil lurking around every corner, start by following these simple best practices:

  • Establish and document security policies/rules.
  • Restrict administrator rights on all systems if possible.
  • Educate end users on phishing and social engineering scams.
  • Have a set password expiration/rotation policy in place.
  • Have an incident response plan in place.
  • Have an arsenal of tools at your fingertips to help prevent and monitor in real-time for successful attacks, and if a breach does occur, to identify what was infected and the scope of systems affected.
  • Regroup after an incident to ensure appropriate actions have been taken to mitigate risk in the future.

(Image: gremlin/iStockphoto)

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
virsingh211
50%
50%
virsingh211,
User Rank: Ninja
11/10/2015 | 5:19:47 AM
Re: Nimda
I understand your point @Joe, Small sized business dont really prefer investing high amount in IT. I believe there comes the need of CSP, which can help you provide much more effective and secure network, what do you suggest.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
11/3/2015 | 9:19:53 AM
Re: IT Security Horror Stories
The task will never be 100% completed.  As P.T. Barnum put it, "There's a sucker born every minute."
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
11/3/2015 | 9:18:28 AM
Re: IT Security Horror Stories
@Brian: Scare tactics.  It's the same principle upon which a lot of ransomware operates.  Intimidate and trick the user into thinking he is in trouble with the law and has to pay up immediately -- creating a false sense of urgency while making it less likely the user will think clearly, research the issue, or discuss the issue.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
11/1/2015 | 10:24:46 PM
Re: IT Security Horror Stories
@zerox: Conversely, and funnily enough, I've gotten suspicious-looking emails that I've reported to the supposed sender -- only to find out that, yup, those emails were real.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
11/1/2015 | 10:23:30 PM
Re: Nimda
@virsingh: Of course, there are enterprise security software packages can counter all of these threats and more.  I prefer those even though I'm a small business.
ClassC
50%
50%
ClassC,
User Rank: Ninja
10/31/2015 | 5:23:18 PM
Re: IT Security Horror Stories
@Brian.Dean     Makes me wonder how far we have come with educating the end-user?  

It looks like there is still alot of work to do and a task that will never be accomplished due to human nature. 
ClassC
50%
50%
ClassC,
User Rank: Ninja
10/31/2015 | 5:19:30 PM
Re: IT Security Horror Stories
@Joe      Thanks for passing on this story. This is what security pro's or anyone entrusted with security have to deal with. It only takes one and often that one (which is in reality more than one)  who causes days of stress and work.

I am sure that executive would not be so fast to "see what would happen"   if they had to clean up the mess afterward.
Brian.Dean
50%
50%
Brian.Dean,
User Rank: Ninja
10/31/2015 | 5:13:06 PM
Re: IT Security Horror Stories
Another horror story takes place when a user is prompted to download and installs antivirus software that is actually a virus. In this case the user is trying to secure their system but, in doing so they introduce a threat into their system. 
zerox203
50%
50%
zerox203,
User Rank: Ninja
10/31/2015 | 5:55:55 AM
Re: IT Security Horror Stories
@Joe, Terrifying, but very instructive. The psychology element trumps all. Many well-seasoned security pros just *might* have clicked that link because it's such an *obvious* tactic that it 'must not really be a phishing email'. but, taking advantage of just that thought, the bad guys could use that exact tactic. It's the same logic at play in, say, poker. The most obvious bluff might not be a bluff. Ultimately you're playing a game of chance. Don't take that chance with your security.
virsingh211
50%
50%
virsingh211,
User Rank: Ninja
10/30/2015 | 1:18:59 AM
Re: Nimda
Good Joe, you mentioned Botnet, one of its own kind horror story. But recently i found that computer and network security companies have released software to counter botnets. Norton AntiBot was aimed at consumers.
Page 1 / 2   >   >>
Slideshows
Cartoon
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed