He might not be green, or live in Whoville,
but there’s a Cyber Grinch out there whose intent is to steal.
He hates people giving and acts of goodwill,
The thought of generosity makes him really feel ill.
He hates Christmas Cheer, we’re not sure of his reason,
But that doesn’t mean he ignores the Christmas season.
He’s been plotting and coding, and working with flash
Creating malware that’s vicious, through network defences it’ll smash.
It exploits a weakness, for which there’s a patch,
But our Grinch isn’t worried, cos a plan he has hatched.
He knows from his research, and a few calls he has had,
That most of his targets don’t think that it’s bad.
But Cyber Grinch he knows different, because of something he saw
When ransomware, this year, exploited a flaw
While what he has planned isn’t exactly the same
The devastation he’ll cause will still create quite a scene
Networks will crumble, defences will fall
And he’ll be left to plunder and make off with his haul
He’s been busy with Shodan researching the market,
He knows where to focus, and just who to target
He knows what the defence is, and how to get past it
Banking on users thinking his email attachment is legit
Then once he’s inside and it knows that it’s clear
The malware will detonate and the network he’ll spear
He sits in his chair, he types out the message
He attaches the malware, and then clicks to send it
The email arrives, the gateway it checks it,
Nothing looks sinister, so mail system ascends it.
It sits in the inbox, the user he sees it,
He opens and reads it and then …. He Clicks IT!
At first nothing happens, as the document loads,
Then the screen starts to blink and the PC to moan,
The user he grimaces, reaching for his phone,
He’ll have to report it, meaning his bonus is blown.
Then there’s a flash, the screen goes back as expected.
Any fears he’d done wrong, are quickly rejected.
That’s very strange he thinks, missing the bait,
‘I wonder why someone sent me a PDF invoice claiming payment was late?’
Unbeknownst to the user, deep in his machine,
The malware has slithered, and remains quite unseen,
It waits and it hides and it counts to fifteen,
While the user goes on with his daily routine.
When nothing else happens, and the code knows it’s clear,
It messages Cyber Grinch, who lets out a cheer.
He thinks he’s done it, his evil plan worked,
He rubs his hands together, he’s smug so he smirks.
All he has to do now is wait,
For his malware to fully detonate.
From this point forward, the network is doomed,
The malware has grown and its started to roam.
It’s combing the area, finding similar connections
It’s infecting them all, and nothing has sensed it.
If that were true, there’d be no happy ending,
But this is Christmas, and we just couldn’t bare it!
Aware of the Grinch’s wickedest plan,
The company’s CISO had everything in hand.
He knew of the dangers, he knew of the risks,
He knew that things happened, he knew evil exists.
Rather than leave anything to chance or open to danger
He’d found what was important and protected it from strangers.
So, the Grinch’s malware deployed, but far from a big scene
It was more a damp squib, with the network quickly cleaned.
But the Cyber Grinch’s efforts didn’t go to waste,
Especially as his malware had left a bad taste.
Our CISO shared his malware, so others could learn,
And if it hits filters, it’s now immediately burned.
