:crab-party: :crab-party: :crab-party:

  • crime [she/her, any]
    hexagon
    ·
    3 years ago

    Oh yeah, at my last job one time during a casual after work chat like a half dozen of my coworkers and I were just talking about what a hypothetical "disgruntled employee" could do to cripple the company if they wanted. Some of my favorites:

    • delete every IAM policy, role, and user so no one could log in to AWS and nothing internally could talk to anything else, but the company would still rack up their usual hosting bill
    • write a bunch of realistic junk data to the database, scramble all the foreign keys, touch every record, delete the backups
    • sell the company's domains

    I mean, shit, I don't know a single devops engineer who hasn't thought about the myriad of ways they could literally shut all operations down in a way that would take their coworkers weeks to recover and would be impossible for anyone without working knowledge of the systems to fix.