Image Map Image Map
Results 1 to 9 of 9

Thread: What a crap show

  1. #1
    Join Date
    Sep 2017
    Location
    Porter County, Indiana, USA
    Posts
    146

    Default What a crap show

    So a client, we will call them ABC Manufacturing, ABC for short, calls yesterday saying they have ransomware on the server and all their files are encrypted. When a tech gets there he finds another tech from another IT company doing stuff. Turns out the company is in the middle of a shareholder dispute and two people claim they are the Owner / President and that the other has no authority to write checks. Our IT company is stuck right in the middle of this. each owner has submitted papers saying that the other has signed over all controlling rights. Obviously someone is lying here. I handed the whole thing over to my boss who contacted our company lawyer and said that we should step out and not get involved but this is a client that the company has had since I was in diapers. ABC actually placed quite a large order of XT/286 back in the day, and eventually they went with a PS/2 server with IBM AT machines as workstations, then to a Novell setup, and in the early 2000s they went with a 2003 server and XP clients which is what they run today, except the server was upgraded software wise to 2008 and the xp to win 7. It sucks to tell the company employees sorry we won't help you but I have a feelnig this ransomware infection was no accident, that one of the owners put it there. They have a Cisco 2600 router and ASA firewall, so im guessing someone let in the infection intentionally. any ideas what yall would do?

  2. #2
    Join Date
    Mar 2009
    Location
    Pleasant Hill, CA USA
    Posts
    2,722
    Blog Entries
    1

    Default

    I'd have made sure they were completely up to date with software updates, which has shown to stop the spread and infection of ransomware in the first place. After all, the major one was spread via a security hole in the SMB sharing subsystem that MS patched quite a while ago.

    But as far as the larger question of legal dispute you mention, I'd nope right out of there and tell them I'd come back once they have it resolved. I don't need that kind of legal liability in my life.

    IBM 5160 - 360k, 1.44Mb Floppies, NEC V20, 8087-3, 45MB MFM Hard Drive, Vega 7 Graphics, IBM 5154 Monitor running MS-DOS 5.00
    IBM PCJr Model 48360 640kb RAM, NEC V20,, jrIDE Side Cart, 360kb Floppy drives running MS-DOS 5.00
    Evergreen Am5x86-133 64Mb Ram, 8gb HDD, SB16 in a modified ATX case running IBM PC-DOS 7.10

  3. #3
    Join Date
    Jan 2007
    Location
    Pacific Northwest, USA
    Posts
    30,992
    Blog Entries
    20

    Default

    Same here. If you get involved in this, you may well find yourselves snagged in as a party in a lawsuit--or at best, being deposed and called as a witness. You don't need that kind of trouble, trust me.

  4. #4
    Join Date
    Jan 2010
    Location
    Central VA
    Posts
    4,380

    Default

    Yup, it sucks, but you have to stay out of it unless you want that level of involvement. Let them settle their problems by themselves, *then* call your services in. Plus, you'll probably actually get paid

  5. #5
    Join Date
    Sep 2008
    Location
    SE MI
    Posts
    3,928
    Blog Entries
    6

    Default

    Quote Originally Posted by IBMAT5170 View Post
    So a client, we will call them ABC Manufacturing, ABC for short, calls yesterday saying they have ransomware on the server and all their files are encrypted. When a tech gets there he finds another tech from another IT company doing stuff. Turns out the company is in the middle of a shareholder dispute and two people claim they are the Owner / President and that the other has no authority to write checks. Our IT company is stuck right in the middle of this. each owner has submitted papers saying that the other has signed over all controlling rights. Obviously someone is lying here. I handed the whole thing over to my boss who contacted our company lawyer and said that we should step out and not get involved but this is a client that the company has had since I was in diapers. ABC actually placed quite a large order of XT/286 back in the day, and eventually they went with a PS/2 server with IBM AT machines as workstations, then to a Novell setup, and in the early 2000s they went with a 2003 server and XP clients which is what they run today, except the server was upgraded software wise to 2008 and the xp to win 7. It sucks to tell the company employees sorry we won't help you but I have a feelnig this ransomware infection was no accident, that one of the owners put it there. They have a Cisco 2600 router and ASA firewall, so im guessing someone let in the infection intentionally. any ideas what yall would do?
    Head down to the 'ABC' cafeteria and ask the person who keeps the coffee pot going where there last paycheck came from.
    Surely not everyone was Kung-fu fighting

  6. #6

    Default

    Yeah, anything involving major legal disputes is a sign to hunker under your desk until the dust settles and the radiation levels drop.
    Computers: Amiga 1200, DEC VAXStation 4000/60, DEC MicroPDP-11/73
    Synthesizers: Roland JX-10/SH-09/MT-32/D-50, Yamaha DX7-II/V50/TX7/TG33/FB-01, Korg MS-20 Mini/ARP Odyssey/DW-8000/X5DR, Ensoniq SQ-80, E-mu Proteus/2, Moog Satellite, Oberheim SEM
    "'Legacy code' often differs from its suggested alternative by actually working and scaling." - Bjarne Stroustrup

  7. #7

    Default

    If your company lawyer said not to get involved, then I would listen and follow that counsel. That includes posting about it here.

  8. #8
    Join Date
    Sep 2017
    Location
    Porter County, Indiana, USA
    Posts
    146

    Default

    I did not post any identifiable information about them, nor will I

  9. #9

    Default

    I don't want us to get dragged into a lawsuit because our server knows your IP address.

    Don't bring outside legal problems here at all. Even if just "asking for a friend."

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •