Page 19 of My Secret Snowflake
“As we discussed earlier, there’s definitely been an intrusion in our system,” Raphael says.
Kevin says, “Are you certain?”
“Yes. I set up additional traps, and the hacker tripped two of those,” I say.
“You set up additional traps? You didn’t think to tell me about them?” Kevin stares at me. It’s not a friendly stare.
“She told me,” Raphael says. “They’re listed in last month’s security report.”
Kevin grimaces. Raphael and I have suspected the security report assignment is just make-work and Kevin never actually reads them, but nice to have it confirmed.
“Since we are still working on integrating our system with New Mexico, I set up some traps as an additional precautionary measure,” I say. That is my job right now—integrating the New Mexico information infrastructure into our information security system. As a start-up, their one IT guy had put in some minimal security measures, like data loss prevention software. But now L’Etoile is ramping up hiring there—in the past month, I’ve interviewed two more candidates for information security positions to be hired for the New Mexico office. Labor is much cheaper there.
I click to the first introductory slide. It’s always best to set the stage with Kevin. It shows how our company has a lock and security alarm on the front door of our building—this would be our perimeter defense—but then we also keep files in locked cabinets, we have passwords on our computers and full disk encryption, and we have locks on office doors. This is what we’re doing so far to integrate New Mexico’s assets. My next slide explains how the hacker tripped my traps.
We next explain the countermeasures implemented to date. The investigation has been inconclusive so far, but it’s early yet. Raphael adds his pitch to hire a forensic firm.
“Look, kids, if the hacker didn’t take anything, this isn’t a priority, and I’m not going to ask for a forensic team to come in and investigate,” Kevin says. “We’re trying to keep this location open and keep our jobs. I can’t propose that we make some huge investment in this—not to mention, I’mnotgoing to admit to our new bosses we have any weaknesses in our cybersecurity infrastructure. There’s no funding for hiring a forensic team.”
What?
“Is there a question about whether this location stays open?” Raphael asks.
I must look as shocked as Raphael.
“Yes,” Kevin says. “New Mexico and New York have both been asked to make presentations about what we offer, justifying why we should stay open. It looks like France just bought us for the movie IP.”
Raphael and I sit back in stunned silence.
I’m about to lose my job? Can this year get any worse?
“So, when you were asking me to set bonuses for both a best-case and worst-case scenarios, that wasn’t the worst case?” Raphael asks.
“The worst case is we’re all out of a job, so there are no bonuses,” Kevin says and then immediately moves on. “If someone got in, it must have been because some user clicked on a phishing link. Didn’t the New Mexico CEO recently click on a phishing email? How’s that campaign going?” Kevin stares at me as if he didn’t just hand us coal in our stockings.
Fine. I can be unemotional about this.
“I can push that up the priority list,” I say. “I was working on increasing New Mexico’s security and facilitating their secure migration to the data center.” Which is what Kevin said should be my priority at the team meeting last week. It’s still listed as the number-one priority on the whiteboard behind me.
“Isn’t it better to admit that we have an intrusion and then leave the decision up to France?” Raphael says. “It’s not like Albuquerque is in any better shape. They grew so fast that they only have one guy. And not to be boastful, but he’s not in the same league as Iris and me.”
“Yeah, but he’s half your salary alone. The last two movies flopped, and now France is looking to cut costs everywhere. I don’t even know if they think we have anything valuable worth protecting—other than our movies.” He stands. “Raphael, I told you I’d give you a half hour, and I’ve done that. You work on investigating this, and Iris, you should focus on the phishing campaign because that’s probably how they breached our perimeter defenses. And I’d like a written update on the migration and a detailed report of any security measures you’ve taken. All of them. Even if you’ve reported them to me before.” That’s our cue to leave.
I close down my laptop and pick it up, following Raphael out into the hallway.
“Apparently we should be looking for jobs,” Raphael says. “I’ll do what I can, but it doesn’t make sense that France wouldn’t care about a hacker in the system. Especially when we can’t tell what the hacker was looking for. Or what, if anything, they stole.”
“It definitely doesn’t make sense,” I say. Kevin is normally cautious and conservative.
“Wait. Are you looking for another job?” I ask, shocked. I hope not. Working for Raphael has been a dream come true. He is the perfect boss. Kevin, not so much. Which means this job definitely isn’t as great for Raphael since he reports directly to Kevin. “I can also stay late to help you investigate, even if we can’t do everything we want to or hire a forensic team.”
“Let’s do what we can. It’s our reputation in the industry on the line as well,” Raphael says. “I’ll try to figure out what was exfiltrated, while you work on installing additional security measures and containing the damage.”
“Okay,” I say. “And I’ll also create more test phishing emails. Maybe with fake job offers.”
“That might be too tempting, once this news gets out,” Raphael says.
Raphael thinks this could be true. My stomach sinks.
