A security contractor's discovery of rampant malware and an absent IT team led to the dismissal of two support staff who had been ignoring critical security alerts.
A security contractor's discovery of widespread malware and an absent IT team led to the dismissal of two support staff who had been ignoring critical security alerts, according to a reader-submitted story to The Register's "Who, Me?" column.
The incident began when the contractor, who The Register refers to as "Brad," was working at a desk in the office of a labor hire company that arranged his contracts. The arrangement was unusual - Brad's client had downsized and no longer had space for him, so he worked from the labor hire company's office while being careful to protect client data.
One day, Brad's antivirus system displayed a warning with a wriggling bug animation. Acting quickly, he quarantined the threat, disconnected his network cable, and shut down his machine. When he called the helpdesk, nobody answered - a telling sign of the support team's responsiveness.
Brad then approached a middle manager to ask about antivirus alerts. The manager confirmed they appeared "quite often" but revealed the company's procedure was simply to "close them and carry on." When Brad inquired about the IT team's response to the obviously rampant viruses, the manager explained they were "rude to us and do nothing" and "like to be left alone."
The situation became even more concerning when the manager revealed that the two-person support team had gone on holiday together for a fortnight, leaving the entire office without IT support.
Fortunately, the labor hire company had another office with competent IT staff who were able to clean Brad's PC and restore it safely. For the next week, Brad kept his machine disconnected from the network, during which time "things ran unusually smoothly for the whole office."
When the support team returned from their holidays, they found they had no jobs to return to. While Brad didn't confirm his actions were the direct cause of their dismissal, the timing strongly suggested a connection between his discovery and the team's termination.
The story highlights serious issues in IT support and cybersecurity practices. Ignoring antivirus alerts, leaving an office without IT support for two weeks, and having a support team that actively avoids user interaction are all practices that can lead to significant security vulnerabilities and operational disruptions.
This incident serves as a reminder of the importance of responsive, competent IT support and the potential consequences when organizations allow poor practices to continue unchecked. It also demonstrates how external contractors can sometimes identify and address problems that internal staff have learned to ignore or work around.
Have you ever discovered an IT problem that everyone else had learned to ignore? The Register invites readers to share their stories for potential publication in the "Who, Me?" column.
Comments
Please log in or register to join the discussion