The rightful way to make an employee unhappy


Management is a difficult art, and management in a big corporation is more difficult. Management in a corporation where multicultural requirements are a need is even harder.

We all know it and, to a certain extent, we have to deal with it. We can’t expect everything to work well and right, and we have to show flexibility, be open to change and embrace the new, but…

Let’s be real: no matter how much effort you put in, sometimes things are just not right.

There are plenty of ways a company can make your life miserable, and usually they try to use them all. Sometimes the environment is so strong that even the best managers have to comply with disgraceful attitudes.

Let’s name some that can turn your working life into a nightmare. Some are directly related to management styles, others to corporate rules (mainly thanks to the CFO and HR).


Micromanagement

This is a common nightmare: the manager who wants to check every single detail, not in a helpful, proactive way, but out of a compulsive need not to give delegation or autonomy to people.

Usually micromanagement comes with an exaggerated manager ego (I am not right because I’m right, I am right because I am the Boss) and a fundamental mistrust of other people.

Quite a sociopathic attitude? Not really; it is more common than we should expect. It happens that people moved to a management position change their attitude and adhere to this model.

Usually the micromanager is also extremely rude and impolite, the kind of guy who calls you at 10pm and shouts if you do not answer immediately. You do not have a right to your personal life; your life should be built around your manager.

And of course the micromanager values your time in a different way, so no matter if you reach your goal, the important things for the micromanager are:

  • doing it his-her way
  • time: the more you stay at the office the better (so he-she can control more?)

The point is, if you are looking for a life balance, with this kind of manager the only way is to rule your brain out of your work and just act as a robot. But I can assure you he-she will shout anyway.

Yes Man

You know those managers who blindly follow company rules, even the most stupid ones? Have you ever worked in that environment?

This situation usually comes together with denial. Evidence does not touch the manager, who will always find a good reason to justify company strategy. When they talk, it seems that everyone (except you) is working in a fairyland where all help each other, communication is perfect, the company treats employees like sons or daughters, and all are working for the greater good.

Of course you, who object that reality is different, are the point of failure of this model. If problems come, they have to be hidden, or the blame has to be given to someone of lower hierarchical status.

No roads no direction

Another typical thing that makes people unhappy is not seeing a direction, again a trait of many managers. Every change is allowed and you can’t see a strategy or purpose. It is hard to be committed when you can’t see a good reason for it. But of course every change has a reason, and if you do not cope it is you who resist change.

KPI or how to make clear you will never reach them

KPI (Key Performance Index) are another instrument of torture if used well (and they know how to use it). Basically the idea is to put them at a level that is not reachable, but in a way that makes the fault yours.

KPI are not necessarily sales targets which, by definition, are unreachable, but a complex set of manure used to drive you mad. The more your job is based on intellectual stuff the better your KPI will be: used as a metric by someone who probably has no idea what your work actually is. But in the end we are all replaceable, and so your work is not so important.

KPI are a fine agreement between two evil entities: your management hierarchy and the HR department. HR apparently usually puts a lot of effort into designing non-understandable systems that seem to be used to target the employee and lower his-her satisfaction, self-esteem, professionalism and commitment.

Those little financial rules

The CFO and the financial office are another piece of the puzzle. There are plenty of rules that can drive you mad.

The complicated procedures to make an expense refund request are usually a good indicator: the more complex they are, the more easily you get frustrated.

But there are those little rules that really piss you off:

  • Some companies do not allow you to keep the mileage gained with flights: since the company pays, those miles belong to the company…

This would even be correct if the company demonstrated the same attention to the employee’s needs, but usually this is just one little drop in “cutting expenses beyond ridiculousness”.

  • Some companies put rules on your laundry. The craziest? You can claim laundry for everything but underwear (it is real, it is real, I can prove it)…
  • Some companies have a certain discretionary ability to move expenses from what is personal expenses to what is business related.

It is quite a common understanding that you have to advance a certain amount of money, which will be repaid according to the company process. Pity this process usually takes a long time, and the more you have had to advance (bigger expense claim) the longer you have to wait.

Of course the fact that you are travelling not for your happiness and pleasure but for the job does not come to the mind of the CFO, who is probably sitting in the office and, when travelling, takes a first-class flight and can claim every expense.

Cars and other allowance

OK, you give me something for work that is also a benefit. Benefit means it is part of my income. So why does this benefit sometimes turn out to be a mere cost, since you cannot use it for non-working activities (or the constraints are so high you simply don’t do it)?

From not allowing your husband-wife to drive, to not covering non-working trips with insurance, there are a lot of ways to make a benefit unusable.

Of course the best way is not to give it to you at all, with some good reason; but better not complain, all have to make some sacrifice for the company, you should try to understand.

The phone is another wonderful thing that can make you slightly uncomfortable, mostly if you are an international traveller. Policy on phones can vary from company to company. Some simply do not care (up to you), others provide a SIM but not a phone (but then require you to install any kind of crap on your personal device; it is called BYOD). A classic is to expect you not to use the phone for personal reasons (calling family) even if you are on a business trip: in the end you live for work, not for your beloved. And of course roaming is out of the question in most cases.

Sacrifice and culture

we should all do something for the company.

It hurts me but …

a little sacrifice is mandatory

All nice statements if the company paid it back with the same coin, but usually those requirements are mono-directional, from management to you.

It is like when a CEO asks for important layoffs and then gets a mega bonus: sacrifice hurts mostly if it seems that you (and your peers) are the only ones from whom it is required.

In some cultures the idea of sacrifice is embedded, but here the aim is to leverage the idea that the lower hierarchy has to do extra work (hours, activities) because it is the right thing to do, as if the contract that ties the relationship between employer and employee did not already state what an employee is paid for. While sacrifice can be understandable in exceptional situations, it can’t be the rule.

Same with culture. Embracing a new culture is a bidirectional activity: you can’t ask others to understand a new culture if you close yourself off. There are companies that, despite claiming to be “international”, are in reality completely closed to other work cultures. A typical example is the HR manager who does not even speak the local language.

Flexibility

For some strange reason flexibility is a thing that tends to decrease with the hierarchy: the more you go up, the less flexibility is required. So the lower levels have to adapt and cope, and be flexible.

But curiously, when it is the employee who asks for a little flexibility in exchange, this is denied. So it is good to ask you to work on Saturday without pay, but don’t dare to ask for a day or some hours to go to a funeral (I’ve seen this as well, alas).

Trust

Trust is a bidirectional thing: you can’t trust someone who does not trust you. To some extent it can be understandable that the company takes precautions, but it can’t, at the same time, think you have to trust back. If you feel you’re not trusted you will not trust them, as simple as that. Trusting company components is hard, but bad managers and HR usually are in the Top Chart.

So do not ask me if I’m sending my CV around; I do not trust you will understand.

… and so on

 

Every one of those aspects, per se, can be managed, but usually they all come together (or at least most of them), because they are all signs of a bad management attitude in the company. Good managers can mitigate this; it is usually exacerbated by bad managers who add their incompetence to the company environment.

 

 


 

 

The rightful way to make an employee unhappy was originally published on The Puchi Herald Magazine


ransomware again, really?



Some days ago a friend of mine reported to me that his company had been affected by CryptoLocker-style ransomware. I keep hearing of people hit by this kind of infection, and I am starting to wonder whether people have really understood what a cryptomalware really is and how it works.

 

Here is the definition from Wikipedia:

“Ransomware is a type of malware that restricts access to a computer system that it infects in some way, and demands that the user pay a ransom to the operators of the malware to remove the restriction.

Some forms of ransomware systematically encrypt files on the system’s hard drive (cryptoviral extortion, a threat originally envisioned by Adam Young and Moti Yung) using a large key that may be technologically infeasible to breach without paying the ransom, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file.”

 

Now let’s first try to understand what this means in practical words:

“a ransomware is a malware”: this should make clear that this is something bad.

“that restricts access to a computer system”: this clearly means that the aim of this kind of malware is to make it hard for you to access your computer and/or data.

These days the most common form of this malware type is the cryptomalware, a malware that specifically deals with your data by encrypting them. This basically means that your data are not deleted or moved; the malware simply makes them unreadable. If you want to get access to your data again, a ransom has to be paid, if you are lucky.

Now let us try to understand why this kind of malware is so popular. The reasons are basically two:

  1. it is easy to get infected
  2. it allows quick access to money

Let’s try to understand why it is easy to get infected by a cryptomalware:

To Crypt or not to Crypt.

Contrary to what we commonly think, encrypting a file is really easy and needs really low permissions: you just need the right to edit the file.

You don’t really need to create a special algorithm: all you need is thoroughly documented in the literature; besides, crypto APIs are present everywhere and it is an easy job to reach the needed libraries.

So encryption techniques are still hard to understand for IT managers, but not for bad people.

If encryption is easy, it is likewise easy to have enough rights to encrypt a file: you just need your ordinary rights on a file. You do not need administrator rights, privilege escalation or esoteric techniques; your right to edit (Write) is enough.

Just remember:

If you can save it, then you can change it

Now this kind of right is common for any user in any OS. Even in the most security-savvy organization, if you can’t open or edit a file you can’t work on it.

On the other hand, the applications, programs, apps or whatever that are able to read and write with your same rights are simply almost all the ones present in your system.

This means that a ransomware has:

  • consolidated technology to rely on

  • the greatest attack surface (basically any app, browser)

  • low rights needed

A heaven.

Another interesting aspect of ransomware is that the activities it performs are almost standard inside the OS: it does not open weird ports, does not change configuration settings, does not create users… it just writes… as an ordinary user or app.

This makes identification quite difficult for any antimalware system, since the operation is a normal one, and there are thousands of write operations on files every moment.

A good cryptomalware, moreover, does not need to target sensitive system files, which can require specific access permissions. Due to its aim (allowing the attacker to make money) it just needs to target normal documents: .PDF, .DOC, .XLS, .PST…

And those are the documents you commonly use, edit and save.

I want you to understand a critical point:

If your antivirus/antimalware didn’t detect the ransomware on the infected machine, there is no way that another AV/AM can tell its operations apart from normal read/write operations on files, since a good ransomware just accesses what the user can access and does what the user usually does.

So what do you need to be infected? All you need is your browser or access to an infected application, and you have an open window onto the world of encryption.

But I have antivirus on servers…

Good for you: it is a good security practice to avoid infections spreading across your networks, but almost useless against cryptomalware activities coming from an infected machine.

Got infected, and now?

It is easy to get infected; it is a different story to get rid of it.

Basically, to decrypt a file you need the key and the algorithm used to encrypt it. This can usually be done in two ways, but neither of the two gives guarantees:

  1. you pay the ransom
  2. you ask an antivirus company for support

Let’s try to understand option 1.

There is no guarantee that once the ransom has been paid you get your key. The reasons can be different, and not necessarily related to the “ethics” of your attacker (please feel some irony in the previous statement).

There is a lot of old ransomware in the wild coming from old attack campaigns that are no longer monitored, and maybe there is no one ready to accept your payment in bitcoin or any other virtual currency.

This is a more common issue than you think: a ransomware attack is not meant to last forever, but the infected sources can remain infected for a long time even after the attack.

The attacker may have already been arrested, or may simply consider it too risky to accept the payment.

And I didn’t mention other unlucky conditions, like being collateral damage of a targeted attack against someone else, or just being so unlucky as to find test code used to prepare an attack…

So paying is an option, but without guarantees…

Let’s consider option 2.

If nobody gives you the code, you can try to analyze the encrypted files to find out whether there are “fingerprints” resembling some known attack; in this case you can try to guess the encryption key somehow, once you understand which cryptoware did the damage. Luckily, to avoid too much resource consumption, the keys and algorithms used are usually not the most resource-intensive ones, so some reverse engineering is still possible.

Antivirus companies have samples and technology to try to save your data… “try” is the key word.

There are no guarantees.

The problem is how much time you need to free your data from this unwanted encryption. It is a matter of time or, if you prefer, processor power. Even if well equipped, antimalware companies have limitations in terms of resources, so it is not always possible to decrypt your data.

I am sorry, but this is the sad truth: in a world with unlimited resources we would not be affected, but we are not in that kind of world.

What should we do?

I wrote about this in the past (same subject actually). The very first steps should be:

  1. isolate the infected machine
  2. report the incident to the local authorities
  3. report the incident to your antivirus software company
  4. start a recovery and mitigation activity.

1. isolate the infected machine

A ransomware can encrypt easily, so it can spread easily: shared folders on servers are an easy target. Before you realize it, your user can have created a lot more damage. And if your antivirus didn’t catch it and you use the same antivirus on the servers, there is no reason to expect a different behavior on your file servers.

2. report the incident to the local authorities

Believe it or not, law enforcement units can be of great support: you may be the victim of a running ransomware attack that they are already monitoring, or they may simply be able to track down the attacker and get the key. Keep in mind that a ransom, unless it is organized by a government in the form of taxes, is never legal.

3. report the incident to your antivirus software company

As for the previous point, you can be lucky enough that they have a solution; as I wrote before it is not certain, but it is a possibility. Besides, reporting an attack that has not been detected makes it possible to write protection signatures. Don’t even think for a moment that since you got hit once you are safe for the rest of your life. This is not like chickenpox: you can’t be immunized.

4. start a recovery and mitigation activity.

This is the harsh point, right?

What do recovery and mitigation mean?

Well, let’s be clear: until you have forensic proof of how the infection struck you, you can’t say you are safe. The malware that fucked you once can still be there, lurking in the dark inside your network.

You should take all the needed precautions: raising the level of monitoring, checking for unusual write activity and alerting your users on the steps to follow.

The target is to limit the damage the ransomware can do again until you are sure you are clean and the incident is solved.
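
One way to check for the unusual write activity mentioned above, as an added example that is not part of the original article: it flags a user who rewrites many different documents in a short window, which is what separates bulk encryption from ordinary saving. The log format, the thresholds and the user and path names are assumptions constructed for the illustration.

```python
import os
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Document types the article lists as typical targets, plus the newer
# Office extensions (an addition of this example).
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".pst"}


def parse_events(text):
    """Yield (timestamp, user, path) for WRITE events on document files.

    Assumed line format: '<ISO timestamp> <user> <operation> <path>'.
    """
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4 or parts[2] != "WRITE":
            continue
        ts, user, _, path = parts
        if os.path.splitext(path)[1].lower() in DOC_EXTS:
            yield datetime.fromisoformat(ts), user, path


def find_write_bursts(text, window_s=60, max_distinct=5):
    """Return {user: time of first alert} for users who rewrote more than
    max_distinct *different* documents within window_s seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)          # user -> (timestamp, path) in window
    alerts = {}
    for ts, user, path in sorted(parse_events(text)):
        queue = recent[user]
        queue.append((ts, path))
        while ts - queue[0][0] > window:  # drop events older than the window
            queue.popleft()
        # Saving one file many times is normal; touching many files is not.
        if len({p for _, p in queue}) > max_distinct:
            alerts.setdefault(user, ts)
    return alerts


def build_sample_log():
    """Constructed sample: alice re-saves one sheet, bob rewrites a share."""
    lines = [f"2024-05-06T09:00:{i * 5:02d} alice WRITE /share/sales/q1.xls"
             for i in range(8)]
    lines += [f"2024-05-06T09:10:{i:02d} bob WRITE /share/hr/file {i}.pdf"
              for i in range(7)]
    lines.append("2024-05-06T09:10:03 bob READ /share/hr/readme.txt")
    return "\n".join(lines)


if __name__ == "__main__":
    for user, when in find_write_bursts(build_sample_log()).items():
        print(f"ALERT {user}: burst of document rewrites at {when}")
```

Counting distinct files rather than raw writes keeps autosave and repeated manual saves from raising alerts; the window and threshold need tuning against your own file-server baseline.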

About recovery, well, it is clear here that the king of the lab is a good backup policy. This means having a system that allows you to recover your data to a previous state, when the data were not affected. This will lower the amount of damage you are going to face.
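
To scope what has to be restored from backup, the following added example (not from the original article) walks a folder and flags documents whose leading bytes no longer match their type and whose content looks random. The sample files, the `.locked` suffix and the entropy threshold are assumptions constructed for the illustration.

```python
import math
import os
import tempfile
from collections import Counter

# Leading bytes of intact files for the document types the article names.
MAGIC = {
    ".pdf": b"%PDF",
    ".doc": b"\xd0\xcf\x11\xe0", ".xls": b"\xd0\xcf\x11\xe0",  # OLE2
    ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04",            # ZIP
    ".pst": b"!BDN",
}

def shannon_entropy(data):
    """Bits per byte: 0.0 for constant data, close to 8.0 for random data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def doc_ext(path):
    """Document extension, looking past one appended suffix; None if unknown."""
    stem, ext = os.path.splitext(path.lower())
    if ext in MAGIC:
        return ext
    inner = os.path.splitext(stem)[1]   # report.pdf.locked -> .pdf
    return inner if inner in MAGIC else None

def classify(path, sample_size=4096, threshold=7.5):
    """Return 'skipped', 'ok', 'mismatch' or 'likely-encrypted'."""
    ext = doc_ext(path)
    if ext is None:
        return "skipped"
    with open(path, "rb") as fh:
        head = fh.read(sample_size)
    if head.startswith(MAGIC[ext]):
        return "ok"               # header intact: not rewritten wholesale
    return ("likely-encrypted" if shannon_entropy(head) >= threshold
            else "mismatch")

def scan_tree(root):
    """Return sorted paths under root that need restoring from backup."""
    return sorted(os.path.join(d, n) for d, _, names in os.walk(root)
                  for n in names
                  if classify(os.path.join(d, n)) == "likely-encrypted")

def demo():
    """Scan a constructed sample tree; return the flagged file names."""
    samples = {
        "intact.pdf": b"%PDF-1.7\n" + b"text " * 800,
        "notes.txt": os.urandom(4096),          # not a tracked type
        "budget.xls": os.urandom(4096),         # stand-in for ciphertext
        "report.pdf.locked": os.urandom(4096),  # hypothetical added suffix
        "blank.doc": b"\x00" * 4096,            # wrong header, low entropy
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return [os.path.basename(p) for p in scan_tree(root)]
```

The header check comes first because intact .docx and .xlsx files are compressed and would look random on entropy alone.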

There are thousands of articles on how to manage backups correctly, so I will not spend time on it here. Just this: if you think backup is obsolete, you probably didn’t understand what backup means (and what the currently available technologies are).

I just want to mention a couple of things:

Disaster recovery and backup are two different things, so do not think you can use one instead of the other.

Some vaulting systems, versioning, journaling and other technologies can be useful to mitigate and recover from this kind of incident.

Sometimes it would be enough to plan correctly what you already have in your OS to survive this kind of problem: versioning and journaling of files are technologies present in Windows and Linux; you just have to deploy them knowing what you are doing (possibly).

To the next, cheers.


ransomware again, really? was originally published on The Puchi Herald Magazine