why-was-i-breached - annna - Annna the nice friendly bot.
HTML git clone git://bitreich.org/annna/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/annna/
DIR Log
DIR Files
DIR Refs
DIR Tags
DIR README
---
why-was-i-breached (2562B)
---
1 #!/bin/sh
2 #
3 # From: https://whythefuckwasibreached.com/
4 #
5
6 actors="Russians
7 NSA
8 FBI
9 North Koreans
10 Chinese
11 Anonymous collective
12 teenage hacking prodigies
13 Iranians
14 KGB
15 industrial spies
16 competition
17 Europeans
18 Americans
19 cyber terrorists
20 advanced persistent threats
21 state actors
22 rogue AIs
23 APTs
24 Fancy Bears
25 foreign assets
26 master hackers
27 technology whiz kids
28 script kiddies
29 hacking activists
30 hacking people
31 security community
32 internet crowd"
33
34 methods="0-day exploits
35 unprecedented XSS vulnerabilities
36 infiltrators
37 overwhelming force
38 botnets
39 ransomware
40 DDoS attacks
41 IoT malware
42 advanced techniques
43 hacking drones
44 cyborg bees
45 digital nukes
46 the open door in our basement
47 that one vulnerability we were going to patch next Tuesday
48 that other vulnerability we were going to patch next tuesday
49 something something vulnerability
50 vectors we really couldn't have prevented
51 vulnerabilities in a 3rd party solution
52 weaknesses in our vendors
53 nefarious techniques
54 an issue in Wordpress 1.0
55 Heartbleed
56 a vulnerability in Windows XP SP1
57 pen and paper based social engineering
58 an open window in the server room
59 30 - 50 feral hogs"
60
61 targets="gain access to some data
62 cause a minor disturbance
63 potentially access some customer data
64 cause an undetermined amount of damage
65 partially disrupt our services
66 breach our high security servers
67 glimpse into our database
68 transfer 7 petabytes of data
69 extract some private keys
70 do something, but we aren't quite sure what it is
71 make a mess
72 make us look bad
73 force us to release this report
74 hack the coffee maker
75 install a C99"
76
77 mitigations="made everyone promise to be super super careful
78 gotten ISO certified
79 gotten PCI certified
80 worked with industry leading specialists
81 upskilled our cafeteria staff
82 hired external consultants
83 worked with law enforcement
84 bought an IDS
85 twiddled with our firewall
86 been pretty good about security
87 hired some people with 'CISSP' after their names
88 watched a YouTube video on cyber security
89 told them to not do it again
90 said that we are very sorry
91 copy-pasted a security policy we found on Google
92 hired a Russian dude
93 watched the movie Hackers 8 times back to back
94 sent one of our guys to Defcon
95 put a rotating lock GIF on our website"
96
97 selactor="$(printf "%s\n" "${actors}" | shuf -n 1)"
98 selmethod="$(printf "%s\n" "${methods}" | shuf -n 1)"
99 seltarget="$(printf "%s\n" "${targets}" | shuf -n 1)"
100 selmitigation="$(printf "%s\n" "${mitigations}" | shuf -n 1)"
101
102 printf "The fucking %s used %s to %s. But we have since %s, so it will never happen again.\n" \
103 "${selactor}" "${selmethod}" "${seltarget}" "${selmitigation}"
104