In other words - a typical cyber attack.
Yes, and in my real (
well out of the home life) I am a real CIO (Chief Information Officer) who is responsible for all Information Technology and Telephony (VOIP) systems. Even the CISO reports to me, and trust me, we would be having some heart to heart discussions after this and they would have to soul search if they (he/she) still wanted to stay with the company, or give them time to find some other gig. Sorry but upper management are pricks and have one responsibility. To the Owners/Shareholders/Customers. No one else.
But as someone with 30+ years in the seat, I would be the bad guy sitting (or standing with my back against the wall) in Charlie's office when he's screaming to get the systems back yesterday! I would be telling him, HELL NO!, (
it's good that the CIO can tell off the CEO sometimes).
It would go something like this:
"Charlie, I could get the systems back up and running in about 3-4 hours but I'm not going to do that. We came down because we had/have a vulnerability that we did not know about and still don't. If I restore the systems (you understand that we were 'TARGETED!! right?) the bad people will just exploit the same vulnerability and you'll be back down possibly even worse than we are now before the sun rises. And this time, instead of just encrypting some files and trying to ransom us, they will probably go out and delete files and dig deeper into more confidential data or attack the transmission and programming systems. Is that what you want me to do?
By now, Charlie is looking at me like I am Moses the wise man and Lord of the Dance. Because I've been to this party before and he hasn't. I'm going to keep the systems down, bring in experienced outside experts and do a complete forensic analysis as to exactly how they got in, any other ways of getting in and get all those patched before I even being to give the all clear to start restoring the systems.
If you don't trust me, fire me! If you don't trust the person that you've given to and has the keys to 'your' kingdom then by all means fire them. But I can tell you that the exploit that was used won't be able to be used again and that's why you pay me that salary that you griped about years ago when you hired me. I earn that money not over the course of a year but in situations just like this one, by keeping your company from going bankrupt! Now what I've said my peace, do you want to go to Denny's and get some pancakes while my people are busy doing their jobs or do you just want to vent some more?
P.S. The above exchange actually did occur at one of my companies early on when break-in's generally meant locking up PC's or systems and have not gotten as sophisticated as they are now. Except we went to a Mexican place he loved to keep talking. The discussion (it was with a CEO named Mark, BTW) went just about the same way. After we recovered he became one of my stanchest supporters, never questioned reasonable budget requests, from then on, and installed me as a standing report topic at every board meeting so that the board also understood these threats.
Luckily, I'm about couple years now from deciding to screw it all and start spending some of that money and get back with my wife and family full time. The reason I say luckily, is that I see something that not a lot of people see now and it scares the sh*t out of me.
What is that????
Attacks have become more sophisticated right? Now, who is thinking on the impact of AI (Artificial Intelligence) lead attacks that can try 1000's of permutations a second on target company and don't get tired or ever give up? This is the next major nightmare of CIO's and CISO's in any real company. I have attended and have spoken on this in a few conferences and most of the audience just sits there and stares with an "Aww sh*t" look on their faces and then run back to blast their security people on what they are going to do about something that
doesn't even exist yet but WILL!!!
End of soap box. I've already asked my assistant to schedule a meeting with my CISO about what the status of his projects are and what will be a future road map. Face to face and he lives in a different city! Just to underscore the importance of the subject.
www.cnbc.com
