Halloween is here and as you prepare for a spooky night of trick-or-treating CDN looked through the archives to find some of the scariest high tech news.
The CDN team was quite surprised to find that some of the news was downright mysterious and even scary. While some others, especially the one about Microsoft could make a case for some paranormal activity. Then we have those mishap stories that has some poor IT worker trapped in a data centre with no-way out.
We hope you really enjoy these creepy tales of IT mayhem. But if you get frightened just remember its only one day out of the year.
Ethical hacker Barnaby Jack was scheduled to keynote at the 2013 Black Hat show in Las Vegas this past July. The buzz around this presentation was enormous. Jack was going to blow the roof off of something security related. The rumours were that Jack was going to show how to assassinate someone through a breach in an implanted pacemaker. That presentation never happened. Barnaby Jack was found dead in his San Francisco apartment just a few weeks before the keynote at Black Hat. He was just 35. The cause of death is still unknown and has baffled police and the medical community to no end.
Jack came into prominence when he successful hacked into two ATMs at a Black Hat conference in 2011. He, remotely, made the ATMs rain money. The money was phony but the point was made that security systems is not a failsafe. He later hacked into an insulin pump and showed the audience that he could, remotely, inject lethal doses of insulin and the person would never know.
The Windows 7 operating systems was a very good product, but the way Microsoft released it was just horrifying. It was already a bad omen when Microsoft decided to release Windows 7 just before Halloween of 2009. The week long festivities were mired in bad luck.
It all started on the set of NBC’s Today show when Steve Ballmer was a guest and showed off Windows 7 on an older MacBook Pro that was filled with Windows 7 stickers but everyone watching could see what it truly was.
Then the Microsoft marketing department came up with the idea of a promotional Burger King Whopper called the Windows 7 Whopper. It’s hard to believe this today but the folks at Microsoft and Burger King came up with a hamburger that had seven patties. Somehow Microsoft’s marketing department convinced the producers of the hit animated TV series Family Guy to sell out and sing the praises of Windows 7 during one of its episodes. The backlash was unmerciful for Microsoft.
Then the evil spirits invaded the U.K. launch of Windows 7. During a demo of the Virtual Earth application the giant screens went dead because they lost the Internet connection. They tried again during a demo of the Sky Player and just when everything was working and things were getting back to normal it happened again.
In 2007, a Boeing-owned laptop with the personal data of about 12,000 former employees went missing on a flight. The company did not believe at the time any of the data would be compromised. The data on this notebook included the names, addresses and most importantly the social security numbers of these former employees. The company waited weeks to inform these people that a breach occurred.
Then one former employee found out that a criminal used the social security number to apply for credits all across the U.S.A. Most of those applications got rejected and showed up at this man’s mail box. Those rejections also show up on his credit score which was significantly lowered as a result.
To clear up this mess, he spent months on the phone in automated customer service hell. He had to convince call centre operators that who he was and that he did not live in places like Minnesota or Florida.
After clearing things up the credit card companies decided to put a fraud alert on his information. This would prevent criminals from obtaining a credit card under his information; however, it also prevented the man from opening up a bank account.
More than three years passed before he stopped getting credit card rejection letters in the mail. As for that missing notebook…well it’s still missing.
This nameless IT professional started his new job excited about the possibilities. Then he entered the server room from hell. The server room was four or five systems, and these were all dedicated to a 2003 AD, file/print server, and a couple application boxes (Quicken was one). They hadn’t been patched. Ever. The patch panel was split between phones (a VoIP system using PoE) and cat5. Nothing was routed, there was no cable management, and nothing was labeled. The company had bought into a three-year T1 contract that marginalized their data for the phones, resulting in performance that was worse than a DSL at a cost of greater than $1,200/month, and the firewall was a simple Juniper box with rules that were very complex, right up until the end, where it did an all/all/all. The UPS was amazing!
The engineers had used three batteries from solar installations (easily three feet tall apiece and over 200 lbs. each), chained them, added a 1000w converter (as you might find on a car), and chained that to a minuteman UPS and two small APC units (the converter wasn’t fast enough to switch the power during an outage).
TO FIND OUT WHAT HAPPENED NEXT CLICK TO THE NEXT SLIDE
This all combined for a total runtime of three days. No racks for the servers, just tables. One of the servers, their “most important” one, sat on an old desk. No cooling, either, and it was all stored in a closet that was accessed every day by everyone because the paper boxes were in there, too.
My task? Fix it all. In two weeks. I worked until 11pm or later on this project, getting stuck inside once due to the alarm system, and at the halfway point, my manager took the project away from me and declared that someone else, from 2,500 miles away (Denver-Alaska), would be taking over the project. He arrived a week later, and I was released for being unable to perform quickly enough.
This IT professional started a job at a rural hospital in California in the fall of 2009. Right away he began to get tickets. On his first day he found that the times on the clocks on almost all of the PCs were off by an hour. It didn’t take long to figure out that the PCs had not been patched for quite some time. After a little sleuthing, it was discovered that all 250+ XP PCs had not been patched beyond Service Pack 1, and many didn’t even have that. He asked the current sys-admin what was going on, and he said that he set up a WSUS to take care of everything, and that the PCs should be patched. Logging onto the WSUS was futile because it was dead (eventually figured out it was a failed motherboard, but that’s another story).
He started to wonder how someone couldn’t know how a WSUS server was down and that the PCs were not being patched for several years, but figured what was needed to be done to fix the issue. No problem, we’ve got spare room on another server, so just rebuild a WSUS and there, he thought to myself. He informed the IT director of what was happening and what was going to be done to remedy the situation. He proceeded to build a WSUS and started downloading all of the needed patches through the only connection to the Internet (a single T1 line). He let it run overnight thinking that all of the patches would be downloaded by the time he got in the next morning.
FOR PART 2 OF THIS SCARY IT STORY CLICK ON THE NEXT SLIDE
The next day we’re completely offline and nobody seems to know what’s going on. Most pings to outside our network time out. Those few that do come back have an extremely high latency. He soon realized to his horror that all 250 PCs were trying to download several years’ worth of patches along with several service packs from Microsoft through our single T1 line. He immediately asked the sys-admin what he changed, and he said that he deleted the GPO for the previous WSUS since it wasn’t working. He didn’t seem to realize that it would cause the PCs to try to get the patches from Microsoft.
Quickly he created a new GPO that pointed to the new WSUS, and got back online later that morning. This was only one of many interesting IT experiences at this hospital. He also once deleted the company’s entire DFS (Distributed File System) share infrastructure during the middle of the work day. Which caused ALL (300+) users to lose access to all their mapped drives, network shares, and desktops. Then to add salt to that open wound, an engineer informed him that there was no back-up of this data and no documentation of what was currently in the structure. So, in a live environment he had to organize the IT Support staff to recreate from memory of what was previously there. Thankfully, the team was able to get the DFS infrastructure back up within a few hours. This was definitely one of the top stressful moments of his IT career.
