this gentleman was working at SBG a media conglomerate in America. during a troubleshooting process while they were using the system internal tools specifically TCP View(https://docs.microsoft.com/en-us/sysinternals/downloads/tcpv...). they noticed that a certain address/domain kept showing up regularly even though no code was set to talk to that address. this responsible engineer promptly told his manager only to never hear it mentioned again. 1-2 months later that was one of the addresses listed as part of the solarwinds fiasco.
another episode was when this same engineer noticed that a fellow engineer was irresponsibly and probably due to inexperience unknowingly inserting a backdoor in a process via eval on unfiltered input coming in via a command line param, a no no. this engineer was notified by the other and provided with a simple exploit only to receive yelling and gaslighting in return and statements such as "we don't care about these things at this company." eventually the manager was notified and his response was: "i have told them so many times about this" yet that also never went anywhere
security is a layered process but with stories such as these it's no wonder attacks are common, someone somewhere will behave like the characters in the stories and that is all it takes, amplify that across all the companies in business and the other side has a pretty easy time finding open doors
as long as management creates an environment where disclosure is considered "rocking the boat" managers and employees will never do the right thing.
this gentleman was working at SBG a media conglomerate in America. during a troubleshooting process while they were using the system internal tools specifically TCP View(https://docs.microsoft.com/en-us/sysinternals/downloads/tcpv...). they noticed that a certain address/domain kept showing up regularly even though no code was set to talk to that address. this responsible engineer promptly told his manager only to never hear it mentioned again. 1-2 months later that was one of the addresses listed as part of the solarwinds fiasco.
another episode was when this same engineer noticed that a fellow engineer was irresponsibly and probably due to inexperience unknowingly inserting a backdoor in a process via eval on unfiltered input coming in via a command line param, a no no. this engineer was notified by the other and provided with a simple exploit only to receive yelling and gaslighting in return and statements such as "we don't care about these things at this company." eventually the manager was notified and his response was: "i have told them so many times about this" yet that also never went anywhere
security is a layered process but with stories such as these it's no wonder attacks are common, someone somewhere will behave like the characters in the stories and that is all it takes, amplify that across all the companies in business and the other side has a pretty easy time finding open doors
as long as management creates an environment where disclosure is considered "rocking the boat" managers and employees will never do the right thing.