It's worth pointing out the misrepresentation of "NotPetya, a particularly nasty strain of ransomware, tore through its networks, encrypting and locking up everything in its path before showing messages demanding a ransom of $300 per device" - unlike the earlier Petya, NotPetya was never intended to collect a ransom, it was purely destructive malware intentionally modified so that it would be impossible to recover the devices for a ransom. It did display a $300 dollar message for the purposes of masquerade, but it was a weapon to disrupt Ukrainian economy (released by a watering-hole attack to all companies using a particular accounting tool aiding Ukraine tax filing, including multinationals like Maersk), not simply a cybercrime "business tool".
On the subject, the book sandworm by Greenberg is a deep dive in the story of how that worm came to be, how it spread, who’s behind it etc.
I highly recommend it, it’s a very good read. And also makes you realize what cyber warfare looks like or how it can shit a country down (as it did Ukraine: no power, no ATMs, no way to pay for food...)
If anyone is interested in how the original infection went down, along with the recovery, I can recommend the book "Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers" https://www.amazon.co.uk/Sandworm-Cyberwar-Kremlins-Dangerou...
It covers Maersk, lots of infections that paralysed Ukraine, along with the whole Iran mess that was instigated by the US.
Imagine if the entire IT department spent redundancy period self-isolating due to medical concerns of the current human malware going about.
Certainly make for a faster education in transition.
Issue is not offshoring, issue is the loss of business knowledge and experience and a pattern that's played out many times when things are offshored. The whole RBS bank disaster being one of many examples.
Ah, the old C level exec decision to outsource to your "India team".
Usually immediately followed by said company having severe and often crippling issues immediately after doing so.
This adage always goes so well! Truly one for the modern times.
Yeah, classic seagull management. Come in, flaps and make lots of noise only to fly off before the shit happens. An issue that plays out in many ways. Been something I've noticed happen for a couple of decades now.
But it's just short-term thinking allowed to play out as it looks good on the balance sheet and dividends. Death by accountant is a thing.
Good CEO's/management stand out to staff, however long their tenue. Though they tend to be retained.
How would I act, well, if you was good, I'd vocalise that and your replacement would have a hard time filling those shoes. But again, why would a company let a good manager/CEO leave due to some fixed term contract?
Equally I get that people get bored at all levels and move on, even if the company tries to retain them.
It's not a label liberally bestowed upon all people just because they are not there long. You generally find bad management are brilliant at being seen to be doing their job, over actually doing it. Equally, you can find good management can and do get shafted and seen that happen.
Though I will add that I've not worked for a company that employs CEO's for fixed terms as you outline and do find that curious as it does seem somewhat counter productive upon all levels.
> Ah, the old C level exec decision to outsource to your "India team". Usually immediately followed by said company having severe and often crippling issues immediately after doing so.
Or the small onshore team they kept burning themselves out trying to hold the ship together.
If your company gets hit that hard by NotPetya, something is so wrong on a cultural level, I really wonder what is going on there.
You would expect that a a company operating real-life things like enormous container ships with all logistics and safety requirements would understand risk.
Shipping is a conservative industry that's barely had to change to meet the digital revolution. It's not surprising it doesn't understand digital risk.
Also, as someone who used to work at Maersk, I can attest to the fact that for a Danish company it is extremely hierarchical. Decisions are not made by anyone with any technical competency.
When the company decided to try out an agile software development approach, they redesigned some office landscapes to open plane type things with writable walls (and floors for some reason). Anyways, the designers wanted to use colors that weren’t the official company colors, in order to get approval for this the decision had to go all the way up through the hierarchy to senior executive management... for the color of the walls in an office... intended to foster agility.
Apparently there are still companies left thinking that IT is not their core business. Surprised to see this in logistics though. This didn't go well for Deutsche Bank (there were additional significant consumer facing outages in Germany): https://www.ft.com/content/99f27434-0241-11ea-b7bc-f3fa4e77d...
I wish I knew of some way to change this paradigm. I have repeatedly seen IT/Engineering teams pull out miracles that save a business, or deliver the critical edge for growth, only to have the business value that same team close to zero shortly after.
It seems to me the gap in time between reducing staffing and disaster is perhaps too long for intuitive connections to be made, but that seems overly simplistic to me too.
A well-run company doesn't need "miracles". They paid the price of unpreparedness, and successfully rebuilding servers doesn't imply learning lessons and improving processes.
I completely agree. I was only pointing out that even extreme cases don't seem to lead to proper valuations.
Many companies do things in a way where miracles aren't required - but the values perceived by those departments still don't seem in line with value delivered.
Many times purely business folks don't take the time to understand tech as it has a higher initial learning curve and so its a black box domain for them.
Not that they need to achieve high mastery over it but a little understanding goes a long way.
I've seen it time and time again, since they don't get it they fear it and the seeming power it has over their company. They treat it like a force of nature -- something that just is instead of another business domain to learn something about and so when things break there is this weird abdication of self determination like there was no possible way to have prevented things from going down or reaching a point of no recovery.
This all in turn leads to the lower valuation of tech instead of say sales or marketing.
Perhaps calling it an heroic effort would suit your taste more?
"Those teams rebuilt around 4,000 servers and 45,000 PCs and other devices" over 10 days (according to another article), while the company "ground to a halt".
I don't know about you, but if I had a team that pulled that out, I would have a deep respect for their service and contribution to the business.
Maybe I am missing something, but I didn't see anywhere where this was a company brought in, I am under the impression it is the company's internal staff recovering from ransomware, and now being laid off.
My broad (20 years) experience is that IT is usually later than forecast and often the 'business' make up the shortfall by producing miracles/take the pain.
I think this is mostly true though. There are two separate areas, _technology_ and IT.
Technology is often not a cost centre and can be a competitive advantage for the right company, but Maersk is not and probably doesn't need to be a tech company (although I guess they could have a tech-forward strategy).
IT, as in, what it takes to have a computer per employee that they can use, phones, productivity software, etc, is almost never going to be a competitive advantage. It's almost always going to be a cost-centre, definitely so for a company like Maersk.
If it's done wrong it can definitely be a loss centre though, as in 'lose the whole company'. And arguably you see little innovation once you've outsourced it. This pleases accountants, as innovation scares them, and consistent billing fulfills them.
However, when technology is called upon to interface between the deeply technical (operations analysis for solving efficient container shipping and fleet Management), the thousands of people and manual handling and data entry operations per day, in just about every country and climate possible, then your IT operations are non-standard.
Many IT teams do a lot to further this view unfortunately. They are often too passive and fail to engage with the rest of the company. Creativity isn't valued and good folks leave which means you only have very average process drones. These folks are then ripe for replacement by cheap, outsourced labor.
That describes exactly the situation at my company. IT is full of smooth talking managers and analysts who know nothing but manage a large army of outsourced super cheap contractors. Pretty much all experts have left or have been laid off.
I think there's a more obvious problem that it feels like everyone is blind to. Do we really think these IT staffers are seen by their management as heros? For sure they aren't. Maersk was nearly unique in how badly it was taken out by that virus. Job number one of any IT department: don't let a virus destroy your network. They completely failed at that and the business paid a huge price. The causes were as you may expect - not keeping up with Windows updates, all the usual stuff. Not having any offline backups of critical infrastructure. Things they were trusted to get right.
Are maersk management likely to be losing sleep over replacing this team? Probably not. What are they going to argue exactly - the Indians won't do as good a job as they did?
I know it's harsh. I'm sure pointing this out won't go down well. But in the end they're not in a strong position to argue for their jobs.
They will absolutely get kicked in the nuts at some point in the future. They obviously didn't learn from the ransomware incident, and look to be actively opening themselves up for another attack with this move.
Ask so when does consultation begin (call your union rep if your a member) and make sure you all get an enhanced pay off
Start looking for a new job - experience in fighting a big attack like this might be of interest to various TLA's (assuming your grandparents are native born citizens)
I you find out early take your annual leave
Make sure to take your laptop home if you have one
The last two are in case mersk do what some other big European companies have done and try and avoid paying out - one case I know of was a uk subsidiary being made bankrupt
Oh, I forgot about the consulting angle, where one could potentially get paid to come in and help fight the malware that they wrote. No one better qualified, really. They ought to remember to charge more for the consult than it would have cost to pay them off to unlock the ransomware, too.
In case anyone needs a Poe's Law check, this was all insincere. I was just trying to draw attention to the fact that Maersk is essentially drawing a huge target on their back for aspiring malware authors, by firing the people that pulled them through their last crippling encounter with malware. It is extremely unlikely, when they get hit next, that any of their former employees will be involved. (And even less likely that any of those people will still be around to pull their asses out of the fire again.)
Surprising that there is no mention of Brexit in the article. Really unusual that they stuck throughout the chaos and then only when things are finally clear they close this department.
Maersk might have IT issues, but they won't be solved by offshoring jobs unless they stumble on more competent people that are somehow able to organize work better.
In the linked Wired article, it says it was Deloitte that fixed the issue:
"The Maidenhead recovery center was being managed by the consultancy Deloitte. Maersk had essentially given the UK firm a blank check to make its NotPetya problem go away, and at any given time as many as 200 Deloitte staffers were stationed in the Maidenhead office, alongside up to 400 Maersk personnel."
I was there. Deloitte were certainly brought in to help and manage, but it was an all hands to the deck, 24 hour operation for the main recovery process at the Maidenhead offices.
a layoff is something a lot of people go through. And those Indians are generally more competitive. It's nothing special. I'm pretty sure they will find other jobs.
