Time for a short story – Everybody wants to get a pay raise, right? Once upon a time …

I was working in the hospitality sector as part of a 3-man IT team. Prior to that, I was jaded and burnt-out from programming plus constantly being sandwiched between clients, users and my company in a role I excelled in but didn’t like. This pivot meant that a large part of my work was now vendor management. However, we are basically the “catch-all” and this meant that every single thing that is remotely related to computers, we’d be responsible for it. Which was kind of fun, considering that a large majority of the staff in certain industries have so little technical knowledge with respect to IT that sometimes, I’m basically making things up as I go along.

Here’s the thing – the single most important tool I have is .. Google. I can never understand why people would prefer to ask something verbally instead of consulting Google directly. I was trained in the abyss of StackOverflow because in my previous life, asking people was often useless. No matter what it is that I needed – setting up a network printer, joining a computer to a domain, setting up back-ups for the tape-drive, blah blah — I simply Google-d it. Besides, people don’t know what I don’t know, right?

It was a period of time when my mind was running at really low utilization rate, because my job valued soft-skills like resourcefulness and customer-service (give intelligence answers) instead of technical prowess. It was during that period of time that I honed my skill-set in personal finance and investments.

A Normal Day

It was a normal day just like any other normal day. My phone rang. Someone’s computer was looking weird. Files couldn’t be opened. We usually don’t handle basic things like this, but the description sounds odd. I went over to take a quick look. One look and (crap) I knew what was the problem. I wasn’t actually trained in this area but I had read (general knowledge helps) about it.

Ransomware!

I pulled the network cable out without a single thought. Then, I quickly took a quick look to see the list of network machines and shared drives it had connectivity to. Like I said, I was winging it as I go along. Asked everyone in the department to yank their network cables, too, since they were typically connected to shared drives. Powered up and check all their machines, one by one. Good news – no other infections.

Ransomware is really easy to spot, really. They want you to know, and they would encrypt all common file formats, and leave files everywhere or change wallpaper telling you they would undo it if you paid — usually in Bitcoins.

With my heart-racing (OK, an exaggeration there), I quickly checked my shared drives and servers – no sign of anything weird. Called other departments to make a few innocent checks – no sign of ransomware too.

Of course, eyeball-ing wasn’t going to cut it so I ran the standard anti-virus scans on all our critical equipment. While that’s running, I quickly did a check that our recent tape back-ups went fine (the backup jobs had a tendency of dying, sometimes, haha), just in case I needed them. Phew.

Lucky Day

Looks like I was in luck. The potentially enterprise-crippling crisis didn’t materialize. The ransomware that infected the machine either wasn’t that clever (it didn’t immediately start crawling all volumes) or that it was busy encrypting the local machine and hasn’t moved on to the rest of the network yet. With the emergency contained and time on my hands (the scans were running), I turned my attention back to the infected machine.

I didn’t actually know what to do. After a few minutes of Googling, I pretty much figured out that the encrypted data would be lost forever. It was a new variant which meant that there would be no publicly available decryption keys just yet. And no, don’t even think about paying. That would be stupid, and impossible for a corporate environment — although it might work if one really need the data.

With nothing much that could be saved, eventually the machine was re-formatted and reinstalled with a brand new operating system. Nailed down the cause to fishy emails that the staff had received, and clicked on earlier.

Pay Raise ?

Management thought I had handled the situation well, which was nice of them. And no, they didn’t give me a pay raise. They probably didn’t know enough about the topic and wouldn’t have predicted what the worst-case scenario would have looked like. *shudder*

More importantly, the scenario intrigued me and during the process of attempting to recover data and nail down the root cause, I did my own research and took freely available online courses offered by universities to brush up my technical knowledge with regards to data recovery and cyber security etc.

A few months later, I applied for a new job in a very niche field that I had zero prior professional experience in. I got the job, and it came with a very nice pay package. I gave myself a pay raise! More likely than not, my chances was boosted by the personal time and effort I put into learning about something that intrigued me, and that I was able to leverage that experience to my advantage.

Life is like a box of chocolates – you never know what you are going to get. A pay raise, perhaps?

     🙂

    😛