Here's a short infosec horror story with no ending (yet) - neither good, nor bad.

Thread...
Every month, the accountant at an organization that shall remain unnamed to protect the guilty receives an Excel spreadsheet from the central office. She uses this spreadsheet to do the salaries for the staff for the month that just ended.
She receives this spreadsheet as an e-mail attachment. It's a different file each month, so she can't just save it once on her local machine and use that.

The spreadsheet contains macros, which are needed for it to work.
So, basically, each month the person doing the salaries clicks "Enable content" for an Excel file she got by e-mail.
Oh, BTW, the macros aren't signed. I don't know if they change each month or if only the data in the file does. The machine is not part of Active Directory, not monitored or controlled by an admin in any way.
The good news: her machine hasn't been ransomwared yet. Also, it is being backed up regularly.

The bad news: there is no way to solve this problem, I mean, this disaster waiting to happen.
I tried to explain to her how dangerous this is. She interrupted me on the second sentence and told me that she doesn't understand a word of what I'm saying, that this is how she's been told to do things and that if she doesn't do them, she will be reprimanded.
And this, folks, is why we keep having security incidents.