> Or it's just malware that's "around" the company since nobody cares what they download, which USB keys they plug
There's a fun story documented on Darknet Diaries (https://darknetdiaries.com/transcript/22/) about a wind farm that got hacked. The "malicious" actor had found his way into their infrastructure and installed some idle cryptominers. But he was also taking the time to maintain all the infrastructure; applying updates and patches on a regular basis in an effort to keep other would-be hackers out. The security consultant discloses all of this to the company. Well, the story ends with the company making a business decision to leave things as they are. They were effectively getting free IT.
There's a fun story documented on Darknet Diaries (https://darknetdiaries.com/transcript/22/) about a wind farm that got hacked. The "malicious" actor had found his way into their infrastructure and installed some idle cryptominers. But he was also taking the time to maintain all the infrastructure; applying updates and patches on a regular basis in an effort to keep other would-be hackers out. The security consultant discloses all of this to the company. Well, the story ends with the company making a business decision to leave things as they are. They were effectively getting free IT.